General

  • Target

    f307432d9b11a759e000944743449b0c56499dfb51783e631327fed85a1c5399.exe

  • Size

    32KB

  • MD5

    014d3d7393d8c49596e70d6dd1d9bb91

  • SHA1

    2492c32089af7337506e1547a4d5857c59fec6f9

  • SHA256

    f307432d9b11a759e000944743449b0c56499dfb51783e631327fed85a1c5399

  • SHA512

    db8989b425488a4fc01d7690a072b40eccd8937f79aa5d8c1bbf72e088a9f6595bed669d847b4dade6502527408671c1da09cc51664f4d81770e48421e9ed16c

  • SSDEEP

    384:V0bUe5XB4e0XLOfO54GeaWTktTUFQqz98yObbPG:2T9BuyLDqJxbO

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

junio2023.duckdns.org:3333

Mutex

7952b2688d

Attributes
  • reg_key

    7952b2688d

  • splitter

    @!#&^%$

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f307432d9b11a759e000944743449b0c56499dfb51783e631327fed85a1c5399.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections