General

  • Target

    svchost.exe

  • Size

    43KB

  • MD5

    a820989c753829c1d5e14d49e1fdd4d0

  • SHA1

    584542275a5b58b148aed49837f0e3055ae88080

  • SHA256

    fc6030ba36b3b189df03112a78feb8908e8f8797b72d344832e9acbcb6815166

  • SHA512

    799af03ad5fedfb6d7e2bc5e1ed83914015c150860c7afa23f9c2a8e6da7de7ccdacbafbe4fbc00047a77d1e398fc534a08f495575de3ede8d97fb48f74dd1f7

  • SSDEEP

    384:fZy5LZl4RuoyvEoeB9t/ECzEHPY/zAIij+ZsNO3PlpJKkkjh/TzF7pWnk/greT00:huZOIlvzm7hwEuXQ/ox/+L

Score
10/10

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

returns-vary.gl.at.ply.gg:26628

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • svchost.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

