General
-
Target
kakatron_v3.357.exe
-
Size
37KB
-
MD5
edd9ec2d6e13196a00d7d50910097266
-
SHA1
2d1989c820072da8f411d173b9a536c11375e127
-
SHA256
8ace55d29410d212ca064cd34e621fd9b9c910e95b7ce38e9dfeedd00212a7ed
-
SHA512
92393d711b5f6b8b5b6c4af4116057ca63ebd45e4a2acb24f1e9e864e0405edf88d7884b8c41b7765a68426f449dd502e5e79277f19e8870f123058c070dcda2
-
SSDEEP
384:LTbaio1t7S5pbpQyEfHqNYfJdKY6iFGrAF+rMRTyN/0L+EcoinblneHQM3epzX+K:fN3pLEfKNYTKFi0rM+rMRa8Nuwut
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
Bobrochila
C2
7.tcp.eu.ngrok.io:15553
Mutex
b256f8f5b2195a14391979f1af696ebe
Attributes
-
reg_key
b256f8f5b2195a14391979f1af696ebe
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
kakatron_v3.357.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections