General
-
Target
startbat.exe
-
Size
93KB
-
MD5
a2678bbd0eace916ffeb692085da3ce3
-
SHA1
4962672978e14a77eddc7992296faa88f68cfc0e
-
SHA256
0d1e495ca174082e5f51835d1fab22a9a664e83dd06cbd6670617cbb1c30a456
-
SHA512
8f773d8bf5389953d886074f9da65e7114479d05e63f1f60da66db89381e06d5c9e8780d03131d89ffe01c1be5daf5c020fa201ded7048d70c15f9261752d861
-
SSDEEP
1536:cuNBNvGfr2p4dTT/hDjEwzGi1dDKDkgS:cuYfr2p4dP/Gi1dkd
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
dead-reviewer.gl.at.ply.gg:60161
Mutex
90319c19387bbc36810cf2f727f01c05
Attributes
-
reg_key
90319c19387bbc36810cf2f727f01c05
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
startbat.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections