General

  • Target

    x89FXkN44gPL.exe

  • Size

    32KB

  • MD5

    af62af34b7bd1a76326e4694dbd2b65a

  • SHA1

    72419745dc9279dc81f39b534be84754ad9d33cb

  • SHA256

    5079d77c36ad411dc614e579e28c2a95b96fc2372effd822f1c718fda39abb5a

  • SHA512

    b95fc42ab1a7d085f80f734d34c0a8c604290ad7a7c20f07754716a6688dc1d2e2418ac71fef4b5fde084c8e16d594156ee8450fb11764b5579977a0b7f06bcc

  • SSDEEP

    384:u0bUe5XB4e0XuORpQq1pvmufCsIspWTxtTUFQqz9aObbj:/T9ButrQqvvmu61obj

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

vbatallafinal23.duckdns.org:0101

Mutex

5a1c382f7688415aa79

Attributes
  • reg_key

    5a1c382f7688415aa79

  • splitter

    @!#&^%$

Signatures

  • Njrat family
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • x89FXkN44gPL.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
