General
-
Target
n.exe
-
Size
93KB
-
MD5
6ee6c48ebc939f45c8d233a58f2f39a9
-
SHA1
09d1f3d345b21aeeda5322a827d2924757bca4d4
-
SHA256
08f06853770be2f032611b4b56629445f6a8056d3984f1480f490ac6755fd55b
-
SHA512
852f5e3256a0b3ab2a1bea9207db72edc7c0f369725ee441fa4cc2f78d94075068a65ca2453fd29a10f7be5489df1eee5c5c04faab1ed3773e7ad142b86139d4
-
SSDEEP
1536:jeD6xreTKsKgrO9zG/5NjEwzGi1dDL4D0gS:je9KsKgrOYh6i1dqt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
Unnamed app
C2
hakim32.ddns.net:2000
4.tcp.eu.ngrok.io:14294
Mutex
90ea1b47519eaf585079e877e173d181
Attributes
-
reg_key
90ea1b47519eaf585079e877e173d181
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
n.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections