General
-
Target
16e030019f05b734a973a0fafc0fb678d0eb2736cfd5159a7ea82ebf3c198170.exe
-
Size
93KB
-
MD5
320f34b9a9f567e773d2a526daf749fa
-
SHA1
6a56b12f075f8daaf354ca44810bec29e756c941
-
SHA256
16e030019f05b734a973a0fafc0fb678d0eb2736cfd5159a7ea82ebf3c198170
-
SHA512
92c05e4d6c55b68810e55b918c5c017c5d772e9f85c65ec0f35b0b9b24345ba33e0e9d1fb0055df8cedb437ee55f6409e3ed16e6eca3a0a03be3831dc5531d50
-
SSDEEP
768:KY3/KpD7O/pBcxYsbae6GIXb9pDX2b98PL0OXLeuXxrjEtCdnl2pi1Rz4Rk3hsGi:ZKBOx6baIa9RPj00ljEwzGi1dDRDUgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
6.tcp.eu.ngrok.io:13006
Mutex
ef4ab10333351fde29c0e75b008795bc
Attributes
-
reg_key
ef4ab10333351fde29c0e75b008795bc
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
16e030019f05b734a973a0fafc0fb678d0eb2736cfd5159a7ea82ebf3c198170.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections