General
-
Target
Lammer.exe
-
Size
23KB
-
MD5
d0c2d069ebad310d330724ecb8c34383
-
SHA1
948c7dac951630a93d1d50cdc18a785a66bde4f3
-
SHA256
33e10bdcff6ab52e473ffeff0c0a853fd8786c3c26b896a05b7091fbcccb9555
-
SHA512
5ca77dad6ef30a5fc7031819f9d1311ec8f168c94c5678a712c8aeb82bf7101b85824a5f1e7b96ecc2746cf50f56e0c0d6c80a0ab471a67a4744b4015bcb075b
-
SSDEEP
384:JluBPiZCMfdfSJrQbsLRGSIxYVL46pg/i8BD9BmRvR6JZlbw8hqIusZzZoT:+OmhtIiRpcnuZ
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
Lammer
C2
6.tcp.us-cal-1.ngrok.io:15616
Mutex
277e7c3302a3fa2bce6fdf09291934dd
Attributes
-
reg_key
277e7c3302a3fa2bce6fdf09291934dd
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Lammer.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections