General

  • Target

    psi portable exploited 2023.html.exe

  • Size

    40KB

  • MD5

    cd935fef187e9d219f1a59cc999723ef

  • SHA1

    f509fe6291b11b6e526376d6c11077a9ed38a519

  • SHA256

    059f2325332a13eeda59327805bd7eed356c6d3340da6fce13adac502448bdf9

  • SHA512

    f8ee73946c1dc8f3c45f5d9168145d269b4930fd49f94061a10ab240acb02669f42634dcc4dde5fb045527dab2fa4834c5f2d805ef0ac952cd118ddc9d589fdf

  • SSDEEP

    768:jm+71d5XRpcnubWFAmIx3wpzBUnihEmX:jm+RjXRWubWFAmu3wtBUniym

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

pidoras

C2

185.71.67.60:6522

Mutex

f2570edef404d5adef49705a5aeacc90

Attributes
  • reg_key

    f2570edef404d5adef49705a5aeacc90

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • psi portable exploited 2023.html.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

