General
-
Target
c082cc6a8f0cc384c38e414388bfccb0N.exe
-
Size
43KB
-
MD5
c082cc6a8f0cc384c38e414388bfccb0
-
SHA1
6bab68c4e0f0a90b31104137bc2370a0fb735c6a
-
SHA256
35324165b982f301bfde2948a61c4742dd3a8f1abba1902380180bdb98dd7abc
-
SHA512
607e51abe259cad1867594ca73fe659094ada57bb5310c6e284b895b10e75b301334f15738fd3f672db65a1f2242833aa31cd2201279fcb80151dd40cc94fffb
-
SSDEEP
384:W8ZyNf2yCEFmVoybLfMd2MyEd0DMghgzEIij+ZsNO3PlpJKkkjh/TzF7pWn6sgrq:W64f2yVAVlbTknoggguXQ/o3I+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HardPlatform
C2
86.111.70.124:5552
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
c082cc6a8f0cc384c38e414388bfccb0N.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections