General
-
Target
spoofer.exe
-
Size
93KB
-
MD5
9f63eb3b3e764f65279a72aba2a7ab3c
-
SHA1
e80d0a688504c9d2c8bc2c75c4858c125376e73f
-
SHA256
044cb93b9b488b1f8db597b62bc989f7c6e79a5942593bf351236a271a8fc2c6
-
SHA512
a23cd7dfb128dc3143defc85c958042f3ae555a5654c081bd6158b83e16d73813f69f5da30187b251e7ef8b2078e7e681bcf84fcc66f646a8100bdd0aa71082e
-
SSDEEP
1536:SVp78lZc+/2HVzvdzDxffvqjEwzGi1dDcHbAgS:SVpoc+/2HVzFzDxn7i1dmp
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
7.tcp.eu.ngrok.io:5555
Mutex
9e1fd59a82ee1db40e91292d21f617f9
Attributes
-
reg_key
9e1fd59a82ee1db40e91292d21f617f9
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
spoofer.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections