General
-
Target
forkerbomb.exe
-
Size
37KB
-
MD5
7e45ca42d9229d3304d6a7ef7431e7b2
-
SHA1
b8c6734417f7639afdefd99b836ef1de31679888
-
SHA256
53bddbe7bc25e4103041bc18bd85f9feacdff9306aacc50b28bc89fb5fac3595
-
SHA512
eb629ab51fb120d27d56a20f60580ff2c9fa4c45943ed308b4ca0ed2d994e082b608064099f85c7a3d8f048e8119ca74043b1883230df5bcbb84c88705480298
-
SSDEEP
384:alTMUiDHblmJEpRGyEfBffXNKCYyEAurAF+rMRTyN/0L+EcoinblneHQM3epzX78:ETqHpR9EfBfVKClEHrM+rMRa8Nu1Ut
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed
C2
19.ip.gl.ply.gg:45758
Mutex
cefc22da74b080e322f392168f5c3c86
Attributes
-
reg_key
cefc22da74b080e322f392168f5c3c86
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
forkerbomb.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections