General
-
Target
kakatronv493alphaexe.exe
-
Size
93KB
-
MD5
af3b9e959c74f7886f1ff9d0aa3a8e13
-
SHA1
2159a9c66a09f5d17527af504b54b008ba4c84aa
-
SHA256
b62f19bf460bcf34c30b55826f3e9e8ae97447e059b96da2594e78f2f79aa60c
-
SHA512
10c66c53677b1bdc219b7de3d52f87490bea53ae93236a20415e1e28365eca2991218b750e6660455157d3b571ca678bfe48b22a7be523ab6cdfeb385931509b
-
SSDEEP
1536:quiCeUl/qqAp99qvVkjEwzGi1dDjDhgS:quzqqm99sVFi1dTe
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
fedrochila
C2
hakim32.ddns.net:2000
127.0.0.1:2375
Mutex
5303e8bf70f5770de2a6acb7e29e0f08
Attributes
-
reg_key
5303e8bf70f5770de2a6acb7e29e0f08
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
kakatronv493alphaexe.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections