General
-
Target
88DE74F49651A4EB25769AC4F69D0FA6.exe
-
Size
23KB
-
MD5
88de74f49651a4eb25769ac4f69d0fa6
-
SHA1
2936dafdc062e62bb6be6ab498f7a75e9ad12a13
-
SHA256
fd203c3b8a0edc3629e43bb063fcc0ec3b87cc7d9827a87c892c6fdf45a89d0c
-
SHA512
7eca5fc3f4238c8e26d2a9fffa3539c3216f028ce165a3891cd59726acac88adc51d5bc451d0c67db75ec053c3c1e6a008b000a55f448a500c0d48560f8a3ffd
-
SSDEEP
384:9qYmdk8XvCJrQLdRGSiEYF7Y65gPyx6BDXNRmRvR6JZlbw8hqIusZzZOo:LwWkti/aeRpcnuA
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
VT_Teste
C2
0.tcp.sa.ngrok.io:12944
Mutex
701db76a2cea16d7d280864b8fefe923
Attributes
-
reg_key
701db76a2cea16d7d280864b8fefe923
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
88DE74F49651A4EB25769AC4F69D0FA6.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections