General

  • Target

    358695c2f93cdcc4c0c0d8d6ddb62a03c4c2e6c5d38677d0d1a66de7cc6a744b.exe

  • Size

    32KB

  • MD5

    08c06e7bcb1a787971e10f09c26b3a9e

  • SHA1

    ee06e0860c8973eb5cfb221fcdbd70a671c91f03

  • SHA256

    358695c2f93cdcc4c0c0d8d6ddb62a03c4c2e6c5d38677d0d1a66de7cc6a744b

  • SHA512

    71c1e2b82dafa5a54f2298a749eaac674a7197cfdb355a3c2ff445f8f81d96ba73d803976439f7dcad33250d77efede34b63a8597f592712aea353f3d567009d

  • SSDEEP

    384:q0bUe5XB4e0XHOnNggUBZIGIWTItTUFQqzF73ObbkxM:zT9BuuNggUBZIjokbkxM

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

yuya0415.duckdns.org:0415

Mutex

ce24a3384e07427

Attributes
  • reg_key

    ce24a3384e07427

  • splitter

    @!#&^%$

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 358695c2f93cdcc4c0c0d8d6ddb62a03c4c2e6c5d38677d0d1a66de7cc6a744b.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

