General

  • Target

    0ff34979bd780fdaabef5d9f97d20499ef8c60aaf7e82200c822894d8ecd8cb5.exe

  • Size

    134KB

  • MD5

    501cd09125b0d60c8612ee07d41aa6e0

  • SHA1

    6329eefcf56c8c85ed09b6b712d00593293e3a9f

  • SHA256

    0ff34979bd780fdaabef5d9f97d20499ef8c60aaf7e82200c822894d8ecd8cb5

  • SHA512

    0d95d57682b901228d7db039bfd24b1a3daa699068be25d19d71a68d5c31d06690c4a670beb7ad0e0c9ba1d4096b051d215aec0d6984873c90b4cc8c983d1786

  • SSDEEP

    3072:D4DnQ2WADWwsNMDAXExI3pmKFMMMMMMMMMMMMMMMMMMqk0MMMMMMMMMMMMMMMMMV:D4UDDvMSMMMMMMMMMMMMMMMMMMqk0MMu

Score
10/10

Malware Config

Extracted

  • Family

    njrat

  • Version

    <- NjRAT 0.7d Horror Edition ->

  • Botnet

    Sazan

  • C2

    84.32.231.176:1610

  • Mutex

    5f1f65bec0cfed61b046be01c3f0b40e

Attributes
  • reg_key

    5f1f65bec0cfed61b046be01c3f0b40e

  • splitter

    Y262SUCZ4UJJ

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0ff34979bd780fdaabef5d9f97d20499ef8c60aaf7e82200c822894d8ecd8cb5.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

