General
-
Target
startbat.exe
-
Size
93KB
-
MD5
5f912f53a1987c725ec87c7dce00e69f
-
SHA1
91b27effcd351e457e3deaa9b25d8e379d9407a4
-
SHA256
bc399cb4d18e7e56cabb899c58e205ff8ca0253aa581583ea60d6d8fd36dbce5
-
SHA512
4937e440c2a016629a63f4ea012466d1d0872cb61a05111cf88abc44818b86ca10b8f95791ba4867731418c4c6221baf5d07355c1ebc6a05913744887e09a0fe
-
SSDEEP
768:xY3xaiSgmnldjcRoMwrx7Y+DIkIITJbXXKBpOt8ux82WXxrjEtCdnl2pi1Rz4Rko:Gagmlbrq+1NTZWOojEwzGi1dDbDWgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
4.tcp.eu.ngrok.io:10297
Mutex
7b4a7011afa1499943c83b3ca5c7d377
Attributes
-
reg_key
7b4a7011afa1499943c83b3ca5c7d377
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
startbat.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections