General

  • Target

    099c9da2357e0f58ab09fc5a24589e41

  • Size

    36KB

  • MD5

    099c9da2357e0f58ab09fc5a24589e41

  • SHA1

    917bd4b5cd6c621e52f96ae1565122e724ceca1d

  • SHA256

    423d89d3e4d7651aaf9a83e3ed444daae54e14b2104f5a8552ad61df7aebff4c

  • SHA512

    30be0f01d66927bf5a99e3354e5839ed9147fa3fae341a6fc5d968c5b9f34eb42d6d0266ff354f40f2726a45615db18004f3e5a7b63c195155d0da4506ea208b

  • SSDEEP

    384:YwdmBkiyJnDNGRn5IyUvwIFvthI/im1xbrAF+rMRTyN/0L+EcoinblneHQM3epzV:xh5M5jUvFFwqmPrM+rMRa8Nud7t

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

8.tcp.ngrok.io:13661

Mutex

b9de363c039d49d6515449b25ff5fee2

Attributes
  • reg_key

    b9de363c039d49d6515449b25ff5fee2

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 099c9da2357e0f58ab09fc5a24589e41
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

