General
-
Target
8f9a0a3430662a0c54deb0394287b0555c6963edcb9b0c8cb0f87962f17d0e87.exe
-
Size
93KB
-
MD5
349fc92196a78de83aa3fb942c21f947
-
SHA1
dbe71307fcf6e0f3f653e96665fcfba8f41fcc9e
-
SHA256
8f9a0a3430662a0c54deb0394287b0555c6963edcb9b0c8cb0f87962f17d0e87
-
SHA512
cc2ed5c718b7e37e432e09ffe7a411e6ba7dd83186cf40c148f79901977b52cf7707fd1e45e3351466560d30657eda155b7612cc05c3a6ca345d9c2873c2e755
-
SSDEEP
1536:6xvSyh6zaoFjuFCVR5jEwzGi1dDODKgS:6xMzaujuCRWi1doP
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
nine
C2
hakim32.ddns.net:2000
4.tcp.eu.ngrok.io:17673
Mutex
08e436e4c7bed3dc8d61bf74a52f358b
Attributes
-
reg_key
08e436e4c7bed3dc8d61bf74a52f358b
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
8f9a0a3430662a0c54deb0394287b0555c6963edcb9b0c8cb0f87962f17d0e87.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections