General
-
Target
59ab80045db2e2f0291beb94ab786f4ce9753739464926d1a8fcc5659c5c6b64
-
Size
31KB
-
MD5
f99f3a6412ef444829cb7171ac79f9fc
-
SHA1
5b8c9179f8f0dd8b2bf255183352790b502e6f0b
-
SHA256
59ab80045db2e2f0291beb94ab786f4ce9753739464926d1a8fcc5659c5c6b64
-
SHA512
83168f2f307a2afc772970b77e70cc1dda9f3a37ffd04fcefad50b150fe1657340f77847d840bba5ead5bff97a4bc24caa0525797c9e4bff4cca92b1e69b3672
-
SSDEEP
768:dis9ZOVvZVYzxDCPIAT+vCQEpvywHQmIDUu0tiwUj:b+6qJQ6DQVkIj
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
fott
C2
10.33.36.120:5522
Mutex
0c6b6a9c030d96b500c2e0f8f9bcfee3
Attributes
-
reg_key
0c6b6a9c030d96b500c2e0f8f9bcfee3
-
splitter
Y262SUCZ4UJJ
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
59ab80045db2e2f0291beb94ab786f4ce9753739464926d1a8fcc5659c5c6b64
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections