General

  • Target

    0x0031000000005c50-6.dat

  • Size

    31KB

  • MD5

    b075f9e4015e2f43154b9903d9ec5fb5

  • SHA1

    0717b04115360a6d1d4451c90d0f6b0f781d249f

  • SHA256

    103cb14f2460de6ef7c780becc87bac0599bdd0527e176c0ec87aad2397b57e6

  • SHA512

    4f71a17234a0078733bd61fa80bd3463341dda0c1ac31ac9c496efd528ecd8657cf206160d6b9205e4fab6aa3b10fdd8f1764bc574223c63a38213735fd3939b

  • SSDEEP

    768:CmDVuVP514zxjCzXjX/v/DJvikQmIDUu0ti+irj:ze6SvBjQVkdoj

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

quewexsite

C2

88.168.211.65:6522

Mutex

7799a186f618ba54cc458f7422abc774

Attributes
  • reg_key

    7799a186f618ba54cc458f7422abc774

  • splitter

    Y262SUCZ4UJJ

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0x0031000000005c50-6.dat
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

