General
-
Target
Shellbag anylizer.exe
-
Size
93KB
-
MD5
d1fc87c791b12280bc520d597a1208ab
-
SHA1
e82fe43a217671d37c5fb870d84cee4a6b36d414
-
SHA256
dbda15d1f89bb0dd2b363e3b9fe22e3aa81a0130fc54ac5a051b996df85a5e9f
-
SHA512
7b984a888df362bef38fce57b6b176819c78753d151920f5d2fa0f951efe0d29cc6c133409e2b0c40a19fbadb814f5ebf2c8faafd5851bad859f345c8ec3a427
-
SSDEEP
1536:61bQHRsXQQEtQnHlegjEwzGi1dDnDOgS:61LXQQEtQnFexi1dvz
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
5.tcp.eu.ngrok.io:16307
Mutex
23b333de95c4f195bb8a1f8aab1838e4
Attributes
-
reg_key
23b333de95c4f195bb8a1f8aab1838e4
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Shellbag anylizer.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections