General
-
Target
89e35a6cf15b226bb54e22f15b8a2d20
-
Size
46KB
-
MD5
89e35a6cf15b226bb54e22f15b8a2d20
-
SHA1
81be313f7f99ecf78195d5b9d427e634fe050cfb
-
SHA256
bd25e8a47f19b19a2c91713998cfd53b240c95d574cb5eedfb8d1504c2917523
-
SHA512
f31131444fa5c9d16209e03f8f966a1f83866bb2f592eab653040794a9e58587b3fa1af350855ee8e4da171a2f3008d9bf492180d6cfe996628cbd4e80a17784
-
SSDEEP
384:SL8xgLXeA03/lfHWtfequqP9BR3MIAQk93vmhm7UMKmIEecKdbXTzm9bVhca66Iy:MYku/sOIA/vMHTi9bD
Score
10/10
Malware Config
Extracted
Family
njrat
Version
v4.0
Botnet
victim
C2
ecutuning.ddns.net:11560
Mutex
Windows
Attributes
-
reg_key
Windows
-
splitter
|-F-|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
89e35a6cf15b226bb54e22f15b8a2d20
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections