General
-
Target
1727246228bf52474d96d0c91d76eecd39cfb06284f20ad0f3e787fb96b50f595788ca18c5809.dat-decoded.exe
-
Size
32KB
-
MD5
145ec63fa85b1dd8c0a4c528a3b15cc6
-
SHA1
8343262ce152b88508474457db596b5035586155
-
SHA256
ec7a3cad963d387d0eb81abd5fe7db17c6aa634ac30ff8485447eec2b5cd3dcb
-
SHA512
d5f85626316ba7f812278da24461c9efcfee7fa1ae563b2595eb59c01f17893999eea11171d7818aa64022d7fe2d629e95fccd4a169c9cbab47370c508a40530
-
SSDEEP
384:u0bUe5XB4e0XOOSSGgFS6Z/73xWTStTUFQqz9UtObbi:/T9BuNSgS6BNJCbi
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7NC
Botnet
NYAN CAT
C2
notificadoresrma.duckdns.org:2054
Mutex
a388ab2ca3be4
Attributes
-
reg_key
a388ab2ca3be4
-
splitter
@!#&^%$
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1727246228bf52474d96d0c91d76eecd39cfb06284f20ad0f3e787fb96b50f595788ca18c5809.dat-decoded.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections