General
-
Target
kerftghb.exe
-
Size
93KB
-
MD5
f254566dad4cd4e9327242d919c2004f
-
SHA1
5c05f20764a825e71ace1455075e1c350325c952
-
SHA256
2f427b58e51f5fc38211f71194263c8e04702246ef76706f2bab5b5e394ec31a
-
SHA512
6c06ffc8be5900a4ef9bd0189c5efb87465502fd6f4a205fe09ae532a8868ac41ab1b0ce20d7cb59e526310e946f00bf75e79804a90facda32e6b15d46cc12f1
-
SSDEEP
1536:NVAiU16FHfTmaiM1sR+jEwzGi1dDID0gS:NV3FHfTViMqRHi1d+t
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
C2
hakim32.ddns.net:2000
0.tcp.jp.ngrok.io :18505
Mutex
39b2a9729013d1955e8595817233e581
Attributes
-
reg_key
39b2a9729013d1955e8595817233e581
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
kerftghb.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections