General

  • Target

    90b0c7da58ca8fb02df425f5fe4d6f99ebc680f0deeabb4d3a6a6f3ea566d046

  • Size

    16KB

  • MD5

    ed07bd695f46f95ee8af6e0b6f7168ac

  • SHA1

    4643dbe3f0d81256bb59b852c3f5b61a01284002

  • SHA256

    90b0c7da58ca8fb02df425f5fe4d6f99ebc680f0deeabb4d3a6a6f3ea566d046

  • SHA512

    f88f02e426941eb182d33c7f0596b13de9fc9cb10ac229155b934bb723d5733a24ac47c46389794c71f836e02a61b209631a057d1cdc347ddd6c5d700dcabe87

  • SSDEEP

    384:Ow1YGxCqVzCzd40k0VpG1ryzWNzB5gcnROo2jerBZZZ:7YG7V70k0Vk1FN5gCO3Y

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

0.tcp.eu.ngrok.io:18838

Mutex

6ef7a07599da7096f5824a9ad600fb5b

Attributes
  • reg_key

    6ef7a07599da7096f5824a9ad600fb5b

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 90b0c7da58ca8fb02df425f5fe4d6f99ebc680f0deeabb4d3a6a6f3ea566d046
    .zip

    Password: infected

  • 1e9bf2f7d2e70e7c968172ef2a9b38ed480d349d59516afe8d2eaf4ad5df4af7.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

