General
-
Target
start.bat
-
Size
93KB
-
MD5
937286297fbc003e6a69fdc0f02ce8b0
-
SHA1
2ebd595bbb357264649f17f8b066941f05befefb
-
SHA256
35b46563f4d1ef02e7e2a315df8bbf0f8c2e49803856af0cf1418ea19fba58cf
-
SHA512
9c26792ef5102c7215afae12264e2eca6c2a0f9ed67d9b84918b720f4ca81b5fa2cdb59a28f4089e25abb93243a3d90e98d45dda9862286e2e074708eaf405f4
-
SSDEEP
1536:t8NBNvGfr2p4dTc/hDjEwzGi1dDmD4gS:t8Yfr2p4dI/Gi1dwh
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
dead-reviewer.gl.at.ply.gg:60161
Mutex
60742add55fe12a61a5fe6a3cf32e5c0
Attributes
-
reg_key
60742add55fe12a61a5fe6a3cf32e5c0
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
start.bat
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections