General
-
Target
Karalina.exe
-
Size
93KB
-
MD5
e1212dafb4712cb89e2143f495c3a771
-
SHA1
8e80418a579c38ff837e4f5727e461eece1f27a7
-
SHA256
787eca09d7d64236366a6bf0c420c566118ca1f02ccafc16daf12761d175f764
-
SHA512
869d4d667960e837d3ccc1f446a73e2cbd4331e3da93d615578f4170dd4b302c39b2a04d1ad719cdd64a7173c32236ac1eb95282a0f4eaedd0673109cae0c19d
-
SSDEEP
768:WY3/OpD9O/pBcxYsbae6GIXb9pDX2b98PL0OXLeuXxrjEtCdnl2pi1Rz4Rk38sG0:1OLOx6baIa9RPj00ljEwzGi1dDUDmgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
127.0.0.1:13595
Mutex
9832c3e9cd3e821e5314be8029b17d5e
Attributes
-
reg_key
9832c3e9cd3e821e5314be8029b17d5e
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Karalina.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections