General
-
Target
556fe886edd2db888ee3a33a103c2364
-
Size
29KB
-
MD5
556fe886edd2db888ee3a33a103c2364
-
SHA1
9d58e7b157fe41d86398ff587e10ae2ff3fb3ee9
-
SHA256
833f86074592648c0a758098e34ab605a2b922d94dbab7141e2ce87acec03c35
-
SHA512
befb959a07a3a8c98a4a5207a55943e5ec6e889402b9b8dbe1c715daff9e0ffcc7ab39dba6e977307ad62b56c417dea560d8f52b2a080e483c952f621cd78d64
-
SSDEEP
384:yWWSNl7XNZossquAPJ5zylqbmGmqDc5ne4qGBsbh0w4wlAokw9OhgOL1vYRGOZzQ:ya7DossnAhuqb4qcneIBKh0p29SgRS3
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.6.4
Botnet
splitgateukrayna
C2
44gang44.duckdns.org:2222
Mutex
49e91d08e684b1770e0cefa60401157a
Attributes
-
reg_key
49e91d08e684b1770e0cefa60401157a
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
556fe886edd2db888ee3a33a103c2364
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections