General

  • Target

    8fd02983022b9f09835b9cda8b137bf9888b41dbb60bc535b7fc714840b4acbcN

  • Size

    93KB

  • MD5

    2a48072cf35f77e231543cff655449b0

  • SHA1

    de6a10cc189f9d8bff617c8cab750558ad761bb7

  • SHA256

    8fd02983022b9f09835b9cda8b137bf9888b41dbb60bc535b7fc714840b4acbc

  • SHA512

    55175819ae7ba6e2b89d4f9ed1b0d0aa0e976237f44a4a38136c50942e37432c8b7f69efc43aa2814780fe3bfe2fb276f4f13c2a14a5a6916198813e70eae342

  • SSDEEP

    768:VY3WCnD9O/pBcxYsbae6GIXb9pDX2t98PL0OXLeuXxrjEtCdnl2pi1Rz4Rk3SsG6:ZCxOx6baIa9RZj00ljEwzGi1dDuDsgS

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

lips

C2

hakim32.ddns.net:2000

127.0.0.1:3914

Mutex

4da57d41dfd99d8577619c79d0e4470a

Attributes
  • reg_key

    4da57d41dfd99d8577619c79d0e4470a

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 8fd02983022b9f09835b9cda8b137bf9888b41dbb60bc535b7fc714840b4acbcN
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

