General
-
Target
a4hook.exe
-
Size
93KB
-
MD5
f0c2a757113002e952f1f36620b027a6
-
SHA1
0d18353225193ef600d4683f28b50a2c0ec2a861
-
SHA256
a19e0dc7f89ea553b19333ea5f72ebf6ae560d7d4720c8fb67143bfb685ae0e6
-
SHA512
8029c4e85d1c854b5e6300f3f6d10dac3872b264ad12ec268639b3cee59948141a33b9fbf252d31742a13c8bca53b063298f6150e9da8d176289118258a47ac1
-
SSDEEP
1536:Tu9r7EkrjaFIs7E5Ox6Jn8LjEwzGi1dDrzDAgS:Tuhjau5OYVni1dfnp
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
0.tpc.eu.ngrok.io:14088
Mutex
1d0596651e7b2a82ceff01e1a493f6dd
Attributes
-
reg_key
1d0596651e7b2a82ceff01e1a493f6dd
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
a4hook.exe
Password: 1234
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections