General
-
Target
c29ae0c3c28cb7f1a074b51f0133bd5f484f8cd6ce5096659f852d0a1c6860be
-
Size
93KB
-
MD5
82f6df70d13f559fc534102731fbaf22
-
SHA1
492f375d253ea9a821e98ac910d9c7b4494b6da4
-
SHA256
c29ae0c3c28cb7f1a074b51f0133bd5f484f8cd6ce5096659f852d0a1c6860be
-
SHA512
7d78e0bca63e776e1eac9484c8784d1433a28b37bb515f5251962e5b3c16283e3e35f727d07d1bb5654d5cf4cd9adcf9a2b9451442cb37c9a1ba0edfe49bb6ac
-
SSDEEP
768:CY3ggw30YTXspgM0m2zGjpyDtdXWuDtXYLWhyXxrjEtCdnl2pi1Rz4Rk3BsGdpN3:GgQ0AA0mT1mrWnL5jEwzGi1dDRDNgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
мимм
C2
hakim32.ddns.net:2000
7.tcp.eu.ngrok.io:12426
Mutex
20103f462924107e240ab75951645864
Attributes
-
reg_key
20103f462924107e240ab75951645864
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
c29ae0c3c28cb7f1a074b51f0133bd5f484f8cd6ce5096659f852d0a1c6860be
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections