General
-
Target
6d48ccbf40f5f43149cb69f1659d683fc7eaf5cee527f724a1761e548c1a5fe2.exe
-
Size
93KB
-
MD5
1f41f02970cfdce69e628299a96d754d
-
SHA1
fb04fa7cbe25caccd197dac9af74496e3b513866
-
SHA256
6d48ccbf40f5f43149cb69f1659d683fc7eaf5cee527f724a1761e548c1a5fe2
-
SHA512
aeec12de9fdffa33fa7123809c2e67b1a6fa786d7c8db210d622b76ddeb40ae631a1cc370644836618670e976dde42367818ce53097b1760493e63c73fa6ba29
-
SSDEEP
1536:QxNJD/HBZbszKu9AZp77r1jEwzGi1dDrD7gS:QxUzK4AZtHCi1dr0
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
clien
C2
hakim32.ddns.net:2000
147.185.221.18:61276
Mutex
f7e6d24b4a113d9753558dfbb032c2ac
Attributes
-
reg_key
f7e6d24b4a113d9753558dfbb032c2ac
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
6d48ccbf40f5f43149cb69f1659d683fc7eaf5cee527f724a1761e548c1a5fe2.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections