General
-
Target
6968db3a94af77b2d950281406ff4ed7.bin
-
Size
34KB
-
MD5
a1986e8d2295fab945778417cab17059
-
SHA1
54a8c403ca2f0ca35cca56bfa1f97e552abd6371
-
SHA256
19b56a930ecef10736317330d952e9d871aa7db1676c8b76955ce54a2e5d0151
-
SHA512
27ea804cc42b75a42d550885085cdfe11d15d7fec1dd2fb1e78a97e0c57df2421f589b5229933ede7a6be099931d21c8baaecd219f71c6fda18a585e31c6edf3
-
SSDEEP
768:JE1lzEKj5pfqpWPQH+l9MomVObg+ie5gHCkq45vJFRb:JE1zqW4ciVObrzq7qonRb
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
0
C2
hakim32.ddns.net:2000
37.139.52.72:5555
Mutex
955c9421f3b457ab572bc5c89e0ee6a3
Attributes
-
reg_key
955c9421f3b457ab572bc5c89e0ee6a3
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
6968db3a94af77b2d950281406ff4ed7.bin
Password: infected
-
46a8b050715b4438cda624ee10a35038c638bdd19f106406bde7ee42aa8b3626.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections