General
-
Target
update.exe
-
Size
93KB
-
MD5
2ee63868b61670558fde3b60bdedaa85
-
SHA1
fdb5d99c24db1ebf03483bc1aedbbc9e86707c69
-
SHA256
29fb7b348fe752a8ea2fd5d41fd4f08736e751467dbd604cb4c741ca4cc0f37c
-
SHA512
ac10140a7fea89cafb6575e5ae3b6c2a3fefcb8346efb6acdf2df89c32bd8ad665473a9ac4cd719bd9d2370f17f255cb6fc8fa3ecf5d9c24fa05a9763d354b2f
-
SSDEEP
1536:ah9t6AZtv+E7r3L6zSP4jEwzGi1dDiDOgS:ah97v+E7r+SPJi1dEz
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
hacked
C2
hakim32.ddns.net:2000
21.ip.gl.ply.gg:49359
Mutex
6562aae5baea26f7816ab9f08c3ef4b0
Attributes
-
reg_key
6562aae5baea26f7816ab9f08c3ef4b0
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
update.exe
Password: 123
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections