General

  • Target

    jjj.exe

  • Size

    37KB

  • MD5

    1b6f416c01dab81fc69ba006b4cfd768

  • SHA1

    ce5f59bcd9ab11d17e5c6dcc5024722f5275328a

  • SHA256

    91f01488d2602ac9c3139c22fe0ff48212d8da63be4f9fa33f48ad9ac778a974

  • SHA512

    94c083810adc76efd0d8928a93622f2001961efcb0fb002f9dfe77aad9c07eefe4fab768be35f2a674c97c0008f5dc1e5f392c0ce4a1c2a3435ee7f07b8d3ea7

  • SSDEEP

    384:SsSKMizdTjnBhFbJ8ycPvZ3hdwKax0rAF+rMRTyN/0L+EcoinblneHQM3epzXGNl:lSgTlLJfcPvZP9aurM+rMRa8NuQ9t

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

nature-dawn.gl.at.ply.gg:80

Mutex

94d5d7ec08f7537bc3b2ffefec79a8b3

Attributes
  • reg_key

    94d5d7ec08f7537bc3b2ffefec79a8b3

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • jjj.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections