General
-
Target
1e08e49fe991db17c1a31fac48f502c3
-
Size
19KB
-
MD5
1e08e49fe991db17c1a31fac48f502c3
-
SHA1
06792845574df2e1fb3cf26bb9f065379621fa47
-
SHA256
6035b690f43cdb1a555f644348d77b5c586ac6562422bbe77f480cbc996530d3
-
SHA512
85f3435c9578aa7ab8b2e28ddb772f5e09d7865f664541a94b1ab611a3f40e6c4b7999e5425692cf7b222fd6bb8b654f3227956929e83df2aeaf4b1e14d13901
-
SSDEEP
384:CbfVEAbe6G40+zRRESORXw8Lc0/43TyAAnTiAlw3u+:C7VEqXZRRESORgewuDlQu+
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
SPYNW
C2
troll.loucast.info:2322
Mutex
165d6ed988ac
Attributes
-
reg_key
165d6ed988ac
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1e08e49fe991db17c1a31fac48f502c3
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections