General
-
Target
1545b94542a0b65b918eea8ae863a9ce.exe
-
Size
93KB
-
MD5
1545b94542a0b65b918eea8ae863a9ce
-
SHA1
9b084aa69f9a80147565928fca70949e2ed454a5
-
SHA256
04845d6cc0bbf455e85fdecbc9db2766ac76549871cb1e0d27818c8251bf664c
-
SHA512
a1e33278fb36e10b883b916a2acafa86672a930fb16161e6d5914391db227ce0daaaf6d615917a9f62da2cc85175b6cc78720c497c33124f3c78f415726119c4
-
SSDEEP
768:jY3FUAEX74tXUIM5YT8/GED60m9ZX7ZVXXtSNOXxrjEtCdnl2pi1Rz4Rk3gsGdp/:4UAo4dT8eOvm/PtFjEwzGi1dDYDfgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
Sisi pisi
C2
hakim32.ddns.net:2000
147.185.221.18:47077
Mutex
af6bef4d1f48b4b01abfe2d9e6057cf3
Attributes
-
reg_key
af6bef4d1f48b4b01abfe2d9e6057cf3
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1545b94542a0b65b918eea8ae863a9ce.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections