General
-
Target
a681e1a6a9fe5356d0985e0f2d587e80.bin
-
Size
172KB
-
MD5
9c0200ddd66509d346cdf7329e98aa2a
-
SHA1
74edbb80db5753f2e37d2ec4aa63fd72eb233c7b
-
SHA256
be0fca116b96fbf17c5cbc3062a48067ab10d84b209221c1f1f49e8dc993a9de
-
SHA512
8e3d859b1101ac16ba8ac0de7d0939c118d1784c59a9b6ddfc1be17f9bc19c23cb912ffa0b3c35e5ec94fa61eabb080d7d159c1bcacbbc4b360475ee1dd49a67
-
SSDEEP
3072:VDYjbGh37hNPN9QjX7HuiSRu/T2AWVEChOluAJkHp2kijEs+EcfjFEfw4olLJuca:VDYc37hNPz0LHuiSRuK60AJkU/Es+5f8
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed
C2
5.tcp.eu.ngrok.io:12816
Mutex
7b0ccbf39bda817c4a6e0184c19fa7c2
Attributes
-
reg_key
7b0ccbf39bda817c4a6e0184c19fa7c2
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
a681e1a6a9fe5356d0985e0f2d587e80.bin
Password: infected
-
e54aa236c131c32c6f587b3cc53248992c128159fd2a364de3b52b072e4651f2.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections