General

  • Target

    svchost.exe

  • Size

    43KB

  • MD5

    8673181183b7131c345d64951eb645c8

  • SHA1

    361469da47013de1393bd3ca2687d45d68dbfea7

  • SHA256

    e9e6027e558a693664e22e2a3d5a9189e771dc0790e433a6fbe3c3412ab96ddb

  • SHA512

    0da07afe298006de36ef075146b9849566d48f13e93f1b9ea17f6ef02ef2fad854fdf1913ab92b17ba87628bb56d86c88de743f1b45867d79d1ece6702d1eaad

  • SSDEEP

    384:jZybLZl4RuoyvEoeB9t/ECzEHPY/zAIij+ZsNO3PlpJKkkjh/TzF7pWnk/greT00:N4ZOIlvzm7hwEuXQ/ox/+L

Score
10/10

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

returns-vary.gl.at.ply.gg:26628

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • svchost.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

