General

  • Target

    cdb2580b515e92d91c18ba0cf1e5c8f0db6de62a2edd83f070da7abdeeccdc80.exe

  • Size

    23KB

  • MD5

    07482a2a2606a16508f564652c80c1d7

  • SHA1

    1d66ed2fd7de47192c07c0a9889b54d0140e506e

  • SHA256

    cdb2580b515e92d91c18ba0cf1e5c8f0db6de62a2edd83f070da7abdeeccdc80

  • SHA512

    c687b091d6cb11a174c7751345a752588b0d6e93b2b45d98f2571342038cf85df7d4e68d9502485a718e061ba87ff2bcd5882674ca2981a2229f464bcd37536c

  • SSDEEP

    384:koWSkWHa55BgDVRGipkItzY6vZg36Eh7FpmRvR6JZlbw8hqIusZzZ2HmN:TJuk9pHRpcnuM

Score
10/10

Malware Config

Extracted

  • Family

    njrat

  • Version

    0.7d

  • Botnet

    paulo2

  • C2

    swuhH3-22324.portmap.host:22324

  • Mutex

    8ee321980d6be66417cfa18e5070498f

Attributes
  • reg_key

    8ee321980d6be66417cfa18e5070498f

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • cdb2580b515e92d91c18ba0cf1e5c8f0db6de62a2edd83f070da7abdeeccdc80.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

