General
-
Target
neverlose injector.exe
-
Size
43KB
-
MD5
abb5e4a2189cd742ff8994d598e5ffc7
-
SHA1
1a9a6e7a5d307957d7a5e1a7db834a51ee957b9a
-
SHA256
2e2ff15dba6cd1020b58b08bcdcd1a0cd1a12661baf98bba03f4becc9b8d7a6b
-
SHA512
a422a412c34b5ec22f7e0f0143c400163ec152688b751e1f71c8b3a319c3e8ae52ad6663a057272f0aad9fef4685e3d29a8135fad10aeeaf0afc2232311cbfcf
-
SSDEEP
384:4Zy+Hl9n1iDcsyEqt3ptKwQsElGhOEazcIij+ZsNO3PlpJKkkjh/TzF7pWn5mgra:O99nU4pEqt5tKhohuuXQ/o8C+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
127.0.0.1:5552
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
neverlose injector.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections