General
-
Target
7b8fa46b72e383ad837d382bbfedcfcb
-
Size
14.1MB
-
MD5
7b8fa46b72e383ad837d382bbfedcfcb
-
SHA1
8d42f0b9199ba8c336f26fda6b4d2c398ad8a013
-
SHA256
6ee9c9d3a1c250a9d271a9a0ce113427bd4f5bd591cd5f1946ec5f064c35beec
-
SHA512
61ff31920ec2774780d9a381dcbe5b97268803eea3cf45ac51f24b29cec1df545b8a4f930b2055cfd92c4b7b41f1984bfc2dc0945e3062f57356243c1bc6b10c
-
SSDEEP
196608:yA6TS+uUdI5FqYWQi6D05vvG1KeQW9EfvIeo0PAzLBYZU7cca0hSif:y/e9U6rvb50xg0iYdsCZOcca0w2
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
566
C2
hakim32.ddns.net:2000
192.168.0.23:1604
Mutex
68234368da23b4c12442a5f1ebf604c9
Attributes
-
reg_key
68234368da23b4c12442a5f1ebf604c9
-
splitter
|'|'|
Signatures
-
Njrat family
-
Themida packer 1 IoCs
Detects Themida, an advanced Windows software protection system.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
7b8fa46b72e383ad837d382bbfedcfcb
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections