General
-
Target
Exsellent 1.16.5.exe
-
Size
93KB
-
MD5
766f4973f0d3285b6269f0a5dd3b7260
-
SHA1
a1f7a3e64753a7c58802fd9115cb03943b9cc017
-
SHA256
9e49287ac373d1e500241514b6074f201d5477e0ba8d3dd5ee672218b8e33b09
-
SHA512
170f11f768124971dc750a73b2eb3505cbdf8c36981dc7f155a1cf9001f7ada33da936862534bf51c00732f888fc28e19dba56a9b795be20881b3f7a322922c0
-
SSDEEP
768:uY3K47yZnDQMMpAZrGSt6udttXyYsOhkGJiXxrjEtCdnl2pi1Rz4Rk33sGdpHgS7:M4+ZD3rGWNd7RhkhjEwzGi1dDjDHgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
white_admin
C2
hakim32.ddns.net:2000
2.tcp.eu.ngrok.io:15181
Mutex
0a223f76641dd5cc0b5fa29c1001c4af
Attributes
-
reg_key
0a223f76641dd5cc0b5fa29c1001c4af
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Exsellent 1.16.5.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections