General

  • Target

    3ce2612c8d59e06c0aac8e466e37efd8d07a2c4c91e5c894e44d8ec069aac668.exe

  • Size

    23KB

  • MD5

    ef3997fba7e285c97c28140e51928249

  • SHA1

    66734f8816697b868d9dd1dafb49ad1c3a153755

  • SHA256

    3ce2612c8d59e06c0aac8e466e37efd8d07a2c4c91e5c894e44d8ec069aac668

  • SHA512

    5422450cc95c23bffd47ba84acd489ac3997ffdb3851c167fb6925ca011afa0be5d0ed0a619b095cd3ee1f52ea9d14000e864b2cd577ab301ee65714cc7c1966

  • SSDEEP

    384:68aLWS0dABLYVq6RxP8MDFF09vK563gRMmJKUv0mRvR6JZlbw8hqIusZzZZr:9Xcwt3tRpcnu6

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

t1

C2

10.9.203.254:3131

Mutex

969f98392400891a1a1da27da68a2a1d

Attributes
  • reg_key

    969f98392400891a1a1da27da68a2a1d

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3ce2612c8d59e06c0aac8e466e37efd8d07a2c4c91e5c894e44d8ec069aac668.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections