General
-
Target
2e8325c1f1ed422da06b8016fc6eefd4db95e24d5341cf72d2858e7e5597142e
-
Size
93KB
-
MD5
76dfdd11ed81281e6b3dedd959abf4c2
-
SHA1
652b9bc8de1a4b02d2e79dbda4910381e46d494e
-
SHA256
2e8325c1f1ed422da06b8016fc6eefd4db95e24d5341cf72d2858e7e5597142e
-
SHA512
b495247c871d1b9c5552021efbac4caf789ae2a7d07444aff1f91d17f6729e63ba6dc0d8cc17ea7b5f9e68116f94fa619429185f50db5519286b7864adcce664
-
SSDEEP
1536:sEIuQIBlfGQFk2ZonmzlMxjEwzGi1dD7DNgS:vIstFk2ZonmZMOi1dTa
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
tell-ftp.gl.at.ply.gg:41553
Mutex
d92226078d68eee88ddd4382efc0cfd9
Attributes
-
reg_key
d92226078d68eee88ddd4382efc0cfd9
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2e8325c1f1ed422da06b8016fc6eefd4db95e24d5341cf72d2858e7e5597142e
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections