General

  • Target

    kays.exe

  • Size

    93KB

  • MD5

    916aef6c0e4eeb70922aab29059ac46f

  • SHA1

    6310e54ddfcc66cc3ea93c138117bf2681cc44e5

  • SHA256

    ccf5fa45e69f8de36848d8b3912b1f61bde934b4deafc95fef94f4af2441da1b

  • SHA512

    1a00dc7fb4c48225889a5682b0a00f00fd526c14fa455df3962cd407517b1534d7836b92ef6dae017c20cd9d7be166cb03f699d20a481aa4c411ebef97a2e0e4

  • SSDEEP

    768:+Y3u+yD9O/pBcxYsbae6GIXb9pDX2t98PL0OXLeuXxrjEtCdnl2pi1Rz4Rk33vsk:Q+IOx6baIa9RZj00ljEwzGi1dDLD7gS

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

bloub

C2

hakim32.ddns.net:2000

127.0.0.1:5552

Mutex

fe3e9cb4fc799903dde434577b37f424

Attributes
  • reg_key

    fe3e9cb4fc799903dde434577b37f424

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • kays.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

