General

  • Target

    ebc00fba1ae6fca850df2e602336ff40.zip

  • Size

    19KB

  • MD5

    704143aaf362c3c989a0c0c9eab5b7e7

  • SHA1

    806cee37e82d8875043d3b9de43019ad83b5a291

  • SHA256

    79740721f44c5fdc93f7a347ac50fac2876e262d9c01e5d8a13cce7b2f401af0

  • SHA512

    05c354e12e4ec838f917d719047e5618236bb2f8cefe5ded27837a4d3dac532fe2f820c8cbd9602060636136a316ed32b3267941f193f368efcefdbbb2ea04aa

  • SSDEEP

    384:k9KyRfuCg5RK9FTFL1fLbPssJ/bAo0LMWrg/LlGhjIJ1342RL+d:2r+5wnrf7b8LMn/LoSn420

Score
10/10

Malware Config

Extracted

Family

njrat

Version

1.9

Botnet

HacKed

Mutex

Microsoft.Exe

Attributes
  • reg_key

    Microsoft.Exe

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • ebc00fba1ae6fca850df2e602336ff40.zip
    .zip

    Password: infected

  • fb8ccba3d2d160e131c23b741394c019decda9624ee10a4bf27a20fc3391b9b6
    .exe windows:4 windows x86 arch:x86

    Password: infected

    f34d5f2d4577ed6d9ceec516c1f5a744

