General

  • Target

    b79fd566ddd094f1c1a09d6a708058fc8571c402bdf199b786e27c94e45e804e

  • Size

    31KB

  • MD5

    852436872322fd97de2c2efb423d8edd

  • SHA1

    b6b67cf5281ecbe2db1331102eedeb49a46602ce

  • SHA256

    b79fd566ddd094f1c1a09d6a708058fc8571c402bdf199b786e27c94e45e804e

  • SHA512

    23d4ef9ce19e39c55211f8ad402a56401da6e481fc1e5946c77a92da6f18870b5ada29266a5fcf1b32185e0d70480630ba312e7b7f1cfeeae29a18c920bee4da

  • SSDEEP

    768:RMmqtf1Ll58zx36Dp8pgvB5Vvu/QmIDUu0ti+3j:eD9qfCPEQVkhj

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Al_Diwani

C2

127.0.0.1:80

Mutex

20ae4aa40264dffddbbc693113ec5484

Attributes
  • reg_key

    20ae4aa40264dffddbbc693113ec5484

  • splitter

    Y262SUCZ4UJJ

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • b79fd566ddd094f1c1a09d6a708058fc8571c402bdf199b786e27c94e45e804e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

