General
-
Target
7B1809B4AA561D6A694744164831856A.exe
-
Size
23KB
-
MD5
7b1809b4aa561d6a694744164831856a
-
SHA1
efa9b84a0e9f0c8ae1dd1fb0c7b28366ca3c04bf
-
SHA256
f44f9ca899f0ac7efc49d491703f249b86f4863914baddd8cedeb3646d0086ae
-
SHA512
ad3dbf695d19b9224f23af11793a2520a7717b8b545b4561046bd033161e13a11286374b0f17234aacf9247864c106db5323e2327f10b885a98ec62b44f55afe
-
SSDEEP
384:HY324bcgPiJLQrfARGSRUJsbY6ZgvSMBD3tVmRvR6JZlbw8hqIusZzZaA:QL2s+tRdRpcnuk
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
Lammer
C2
165.227.31.192:22509
Mutex
3378fb27680d4a9a06e6f191501123e0
Attributes
-
reg_key
3378fb27680d4a9a06e6f191501123e0
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
7B1809B4AA561D6A694744164831856A.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections