General
-
Target
cdb2580b515e92d91c18ba0cf1e5c8f0db6de62a2edd83f070da7abdeeccdc80.exe
-
Size
23KB
-
MD5
07482a2a2606a16508f564652c80c1d7
-
SHA1
1d66ed2fd7de47192c07c0a9889b54d0140e506e
-
SHA256
cdb2580b515e92d91c18ba0cf1e5c8f0db6de62a2edd83f070da7abdeeccdc80
-
SHA512
c687b091d6cb11a174c7751345a752588b0d6e93b2b45d98f2571342038cf85df7d4e68d9502485a718e061ba87ff2bcd5882674ca2981a2229f464bcd37536c
-
SSDEEP
384:koWSkWHa55BgDVRGipkItzY6vZg36Eh7FpmRvR6JZlbw8hqIusZzZ2HmN:TJuk9pHRpcnuM
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
paulo2
C2
swuhH3-22324.portmap.host:22324
Mutex
8ee321980d6be66417cfa18e5070498f
Attributes
-
reg_key
8ee321980d6be66417cfa18e5070498f
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
cdb2580b515e92d91c18ba0cf1e5c8f0db6de62a2edd83f070da7abdeeccdc80.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections