General
-
Target
38644135c5520def2ac7647d58ae8c22.exe
-
Size
297KB
-
MD5
38644135c5520def2ac7647d58ae8c22
-
SHA1
ef47d7b432d6df81836c05c4562d1aa9fb58bf90
-
SHA256
601964b1a055e2081cb031f60317e34a701d962baf8a4bee6306c2be64a2305d
-
SHA512
9fa871fbbc16af15cd8df8830dd1e3aea950c506162ee62efef7d8c0412363d9baebea6952dacf12b8f819ba2228da353750dbc5c64bc30808e53eda14f135db
-
SSDEEP
768:FQv32bk/Q0oEst+XrM+rMRa8NuyKtQAFhAfPqyE1+HKiUi1N+F81qiY/ku:FQv32AY0oE1I+gRJNFarAXqo71cGu
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKedd
C2
0.tcp.eu.ngrok.io:12664
Mutex
b674a8214dce564b8a3fef85c4c87512
Attributes
-
reg_key
b674a8214dce564b8a3fef85c4c87512
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
38644135c5520def2ac7647d58ae8c22.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections