General
-
Target
672cf5578d50a77af3cf04448c948a0d
-
Size
32KB
-
MD5
672cf5578d50a77af3cf04448c948a0d
-
SHA1
541b9e6e8523082c6badeb8ca93073bb0251dc19
-
SHA256
c3bef104d99fc5433009d8fd1cc31d510d847e4c94bb536ac487a689d081decc
-
SHA512
fdb2e323b58f3ee17ff807dc576125a7d19cba76af92de78b575d27748212f80220c5b1b29912c99de2948120596ecdf31822b7e06d95db36fa9a7a807ddd3d2
-
SSDEEP
384:y0bUe5XB4e0XXOVcsw0Q0mS03AWTxtTUFQqzFtObbR:rT9Bue6555d3bR
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7NC
Botnet
NYAN CAT
C2
miwarzo.duckdns.org:2001
Mutex
65f8beff7f104
Attributes
-
reg_key
65f8beff7f104
-
splitter
@!#&^%$
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
672cf5578d50a77af3cf04448c948a0d
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections