General
-
Target
xsafdssfs.exe
-
Size
93KB
-
MD5
439c761eaa44f0038e2a4c6870fbff2a
-
SHA1
44db854e6d0a019190b47c1befca45b2f807dfcf
-
SHA256
724eb54199d046043a26873c70d4b95afde7db3571b6ce0fdcbf47f1f007c074
-
SHA512
15404b468a16ea25476289e372c47f14b7b4f861db20f447b74e725ee7d968d484cfa49648054c1e7a43b39d20dae5e7d443ca68ef06d0dc2e7c51f7a07ae173
-
SSDEEP
1536:nGNlF9j+90I+IDoJYcjEwzGi1dDpDzgS:nGnj+90FhG9i1d9s
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
since-searching.gl.at.ply.gg:64197
Mutex
17a9810093f2532958d910fd86a31035
Attributes
-
reg_key
17a9810093f2532958d910fd86a31035
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
xsafdssfs.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections