General
-
Target
0x000900000001225c-8.dat
-
Size
43KB
-
MD5
3d5e301c8221356991a5522034c5b907
-
SHA1
d71baabd5d474aa4aabc865e2ca73db578c71a6d
-
SHA256
c69616a4c334e550278446c2404e5ac5b896938179ade3a64afcfdf19b254e21
-
SHA512
9bb1feab4689858fd3034b64d9549ecc60a54a7c8f7e70eff22730855e375921c27901dcdc50e812266b1a80a269dfab2a4df82e8feba65e51e99d162501fc13
-
SSDEEP
384:7Zyn5/YdM9qIyrCAjDyYUMxsgl4DJW9D9O5UE5QzwBlpJNakkjh/TzF7pWnCFgrW:1xCwFrFDPpsltvQO+T+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
Svchost
C2
95.173.255.238:4444
Mutex
Windows Defender
Attributes
-
reg_key
Windows Defender
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0x000900000001225c-8.dat
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections