General
-
Target
1222.exe
-
Size
93KB
-
MD5
5da76e40362041a920fa8d814cfa941c
-
SHA1
af686db63394ddd7f9c64270c3940702f40563e8
-
SHA256
3b7c80a670ed7981e02530ca4fc4ff52e46ebe19e6ddaf3fde249d25918da77b
-
SHA512
ad2933f4ac0decbe48ea5f5e62a7e14030526a3a17de0422f4bdd317fd5012367b20f853c090576a061c02035399988f346a3144ec15882a73ca5c54105abefc
-
SSDEEP
1536:HUwC+xhUa9urgOBPRONvM4jEwzGi1dDhDIgS:HUmUa9urgOedGi1dlx
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
Petya
C2
hakim32.ddns.net:2000
tool-seven.gl.at.ply.gg:52445
Mutex
b71fc47d08e716058799df369ec8b0ba
Attributes
-
reg_key
b71fc47d08e716058799df369ec8b0ba
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1222.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections