General
-
Target
Shellbag anylizer.exe
-
Size
93KB
-
MD5
a9a93cf921439f33e029758172568efc
-
SHA1
921060307d2d033f8111b9fbf8637f3a5fc25b79
-
SHA256
87c56f65f79b61d29d121d490066f75cb5160ec0ac800279374fe90fe446cccb
-
SHA512
2c9c3b8a09f8ce286e0188234020c429c172ec6e8add43a8c0c504eac06f392a26ca8d1a25baf4e9544da23ef67e5d3e02ce3e6160bb70c0d5487d83bde25a6e
-
SSDEEP
1536:Ll+gg1XvKE3IrXH3BujEwzGi1dDdDsgS:LlqXvKE3IrX3BXi1dxF
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
0.tcp.in.ngrok.io:10680
Mutex
fec0f18c985870df02c3b8b0664f760a
Attributes
-
reg_key
fec0f18c985870df02c3b8b0664f760a
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Shellbag anylizer.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections