General
-
Target
4e5a132f843257037445628396c656b9.exe
-
Size
23KB
-
MD5
4e5a132f843257037445628396c656b9
-
SHA1
378c17d0f6ed512dbe5a43cd565549a80808bd62
-
SHA256
e2c457f18c1063a235f962572ee6f6d49ddfbeba92599470b94b5fa2c3c237e1
-
SHA512
8252a3a38a0fe038ba06830d3c703ea93828ebca045b4f465669798cef515910239eb16e9c36b4a7ab114ac15fbc7538a92b31ff578f4cc6f7635e7fc24d6d9c
-
SSDEEP
384:Vk8aSyS9gB3Y1KIay2X8cLZI6XgxsGJVPpmRvR6JZlbw8hqIusZzZIo8:N589tXvRpcnur
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Madest 0.7d
Botnet
HacKed
C2
steam.buy-nitro.ru:5555
Mutex
09df2bd777d1a884c3a89c8a9ba5e4a2
Attributes
-
reg_key
09df2bd777d1a884c3a89c8a9ba5e4a2
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4e5a132f843257037445628396c656b9.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections