General

  • Target

    A1CA26E5E4FA40FDB92CAD8461C2E960211DCE0CED240.exe

  • Size

    23KB

  • MD5

    e5af9a4fc57ada5560b38d01b7d3584c

  • SHA1

    e2b30f4472e46cb02d4ea4beeef5be1be0a792a7

  • SHA256

    a1ca26e5e4fa40fdb92cad8461c2e960211dce0ced2407ab775c80bf155c112b

  • SHA512

    bcb9d028eec70bded1863adbe00ef06ae77968f193a4335cf118761a6ba29e57a3038079f074497437c1b30d62ad24204a8020c92a6608a83bae7856e0660db9

  • SSDEEP

    384:xsJqQSbToaz420EkjD5fE2MpuCg9JfJpaQU/2lmzUM9l/Us01Sv+M9:aqQ00Ekj7hTxpaQUCgjW2

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

engeTelegYTB

C2

0.tcp.sa.ngrok.io:12232

Mutex

449a837c935b52c7fa6cc6134a3b6051

Attributes
  • reg_key

    449a837c935b52c7fa6cc6134a3b6051

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • A1CA26E5E4FA40FDB92CAD8461C2E960211DCE0CED240.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

