General
-
Target
dfeaa3a9ae41cced75b96b4b4bf7f765410d72216d02e9795258988f2bc79efe
-
Size
23KB
-
MD5
c38eb0c88c54912658324b16629b5c2a
-
SHA1
eb9ef4646954d300265909db474aa5bc59b4d228
-
SHA256
dfeaa3a9ae41cced75b96b4b4bf7f765410d72216d02e9795258988f2bc79efe
-
SHA512
6dcabcefe4499f13c7bc63a0099769d25cdc1a2f899a6c38d9bf2c08c578e18894fe43faecd3fd1e6291671952b8c6f6d01490ee8442461abb8075bc3c21a5d9
-
SSDEEP
384:9sqS+ER6vRKXGYKRWVSujUtX9w6Dglo61Z5DVmRvR6JZlbw8hqIusZzZo0jK:mf65K2Yf1jKRpcnuPt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
25
C2
liince.duckdns.org:56839
Mutex
d6c73ee4fb67f28c4690eb8de45bbaa0
Attributes
-
reg_key
d6c73ee4fb67f28c4690eb8de45bbaa0
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
dfeaa3a9ae41cced75b96b4b4bf7f765410d72216d02e9795258988f2bc79efe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections