General
-
Target
Nursultan1.16.5.exe
-
Size
43KB
-
MD5
1300539b193bae9e0f792c5452e3ac4b
-
SHA1
35a775a707ca143f71b5954f1ca7d2c905b8dc21
-
SHA256
9a9f2e963c5e9c001b6b6b730971ef363a337814abeeb1b42ccf960d7d34847c
-
SHA512
864c3d31b37bfe5bf0c57ce873e26624b3df951297ea540b82d8bf4d9c6572cafa9ae15d8ce8bb4d1385e7bc5c7754969fd04ceb65e05f6f413c3db1dfccfc37
-
SSDEEP
384:ITZy1+WrlkteXivmGUyepU5PuHEfrErjq9UEgzwIij+ZsNO3PlpJKkkjh/TzF7ps:IdWlkQyvdhesuHuiqsuXQ/oU3+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
christian-printed.gl.at.ply.gg:21472
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Nursultan1.16.5.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections