General
-
Target
4b019142b84cf6abef10cb728d9c344c77789708d7d5db50c35f893c71763596
-
Size
37KB
-
MD5
0fba347b4013f1358e84c4575607fd19
-
SHA1
d29420a5c0f5e230db55d9978c6ae01d7f14de9a
-
SHA256
4b019142b84cf6abef10cb728d9c344c77789708d7d5db50c35f893c71763596
-
SHA512
90ba6b292ef11c2ae7b876d687529ef5205a7884edef8e7d4806f971f5685d289375900ae937cb8ecbeb4c1def6820c2be3ec7fe2301330b6f180e88948c56f6
-
SSDEEP
384:zmOs0IiejvCVLO309QmykrtG+dA+VfwvOSiKrAF+rMRTyN/0L+EcoinblneHQM3/:5FdGdkrgYRwWS9rM+rMRa8NukNt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed
C2
5.tcp.eu.ngrok.io:11168
Mutex
9dee8964c1726a91407d37c6d78e90da
Attributes
-
reg_key
9dee8964c1726a91407d37c6d78e90da
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4b019142b84cf6abef10cb728d9c344c77789708d7d5db50c35f893c71763596
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections