General
-
Target
3ce2612c8d59e06c0aac8e466e37efd8d07a2c4c91e5c894e44d8ec069aac668.exe
-
Size
23KB
-
MD5
ef3997fba7e285c97c28140e51928249
-
SHA1
66734f8816697b868d9dd1dafb49ad1c3a153755
-
SHA256
3ce2612c8d59e06c0aac8e466e37efd8d07a2c4c91e5c894e44d8ec069aac668
-
SHA512
5422450cc95c23bffd47ba84acd489ac3997ffdb3851c167fb6925ca011afa0be5d0ed0a619b095cd3ee1f52ea9d14000e864b2cd577ab301ee65714cc7c1966
-
SSDEEP
384:68aLWS0dABLYVq6RxP8MDFF09vK563gRMmJKUv0mRvR6JZlbw8hqIusZzZZr:9Xcwt3tRpcnu6
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
t1
C2
10.9.203.254:3131
Mutex
969f98392400891a1a1da27da68a2a1d
Attributes
-
reg_key
969f98392400891a1a1da27da68a2a1d
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3ce2612c8d59e06c0aac8e466e37efd8d07a2c4c91e5c894e44d8ec069aac668.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections