General
-
Target
0430ca347a7297985ec52effaec4c8298be3f8e71b6b71ae9b9f9db011fe6930N
-
Size
93KB
-
MD5
707dd3cd93671381aec9b5c1473a5260
-
SHA1
bbbc9bb46896a6f0e60f3b058c654e5f9a148e51
-
SHA256
0430ca347a7297985ec52effaec4c8298be3f8e71b6b71ae9b9f9db011fe6930
-
SHA512
3bd21646dad4a17615a2c01cd17194cffb3ad45262b4a4875a058509cd137903da13a41db4a24cde5c2e25795a71cac9cb0380f3ad9ade1ff38a27bee058ef59
-
SSDEEP
1536:/GK1GkeUqZJO53NSimjEwzGi1dDu2DLgS:/G1UqZJOpAOi1dPE
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
White Admin
C2
hakim32.ddns.net:2000
127.0.0.1:1111
Mutex
e3aa2f7297b5d7027e5e530d5c5041ed
Attributes
-
reg_key
e3aa2f7297b5d7027e5e530d5c5041ed
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0430ca347a7297985ec52effaec4c8298be3f8e71b6b71ae9b9f9db011fe6930N
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections