General

  • Target

    02424A493EDF7B2F67778C64D2EDAB2EDF41A5469A697.exe

  • Size

    37KB

  • MD5

    82873c08ec1a2cacd5cb1916edb259b0

  • SHA1

    a759f941a86e4353cffe25d53a57c2d025e8071a

  • SHA256

    02424a493edf7b2f67778c64d2edab2edf41a5469a6973ca8702a65ae3392a90

  • SHA512

    317445cd12091e3667608e51857adf9c0de0bf6a71284e784d0eacd80af8666204d0401c404595a4f4392296aedb7db67b6ec97ac788b98d14e714d71bcc5d18

  • SSDEEP

    384:RCSvEiTbTvpWNcZ0y8fvCv3v3cLkacparAF+rMRTyN/0L+EcoinblneHQM3epzXr:YS7TZ38fvCv3E1cQrM+rMRa8NuHft

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

7.tcp.eu.ngrok.io:13306

Mutex

bb3f923c5d252b12b2f5073c15ea77ed

Attributes
  • reg_key

    bb3f923c5d252b12b2f5073c15ea77ed

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 02424A493EDF7B2F67778C64D2EDAB2EDF41A5469A697.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

