General
-
Target
4e55d185370940c3032180def76da640N.exe
-
Size
78KB
-
MD5
4e55d185370940c3032180def76da640
-
SHA1
c3d81ffd25889a0e7dc018fcb02bb44689d206e6
-
SHA256
dd4ae8c54e97b99d3f9f22b68bd634affb0dbf38849c08d9dc86bc8507e0833e
-
SHA512
c8c10ddb4140f62f549b4ed05468692e2892baa9b2b98b4a61c96b72e570a44fb96b181960a4110ead510c3a5035fc332d0374afdf63a5f0f40cafd678d61f55
-
SSDEEP
1536:wJa+2wvVDp1S5wpOk3JCK6pFohfd6fOpd/9nEh9TGVJWR:iQwpOk5CK6LO/9ESVJW
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7.3
Botnet
OCT
C2
film.royalprop.trade:8109
Mutex
update.exe
Attributes
-
reg_key
update.exe
-
splitter
0987
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4e55d185370940c3032180def76da640N.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections