General
-
Target
5a1668513c822c2b8e972ddd578dd9d6.exe
-
Size
93KB
-
MD5
5a1668513c822c2b8e972ddd578dd9d6
-
SHA1
7f9bae9ba73cd6bb1ebc5bb0ac92429caf8a8afb
-
SHA256
a406d9895911ac26f41f77b6280e09409ea084a1d130cdc7f766528e8335dd01
-
SHA512
8e3edaaa3444478f7a7e9212358b8453de325ef821563bffc96331a92d13678b6fec482d7feb38da35dc370d6b2c532ce4d4fe9e6c8071dae0dd13773b345476
-
SSDEEP
768:8Y33UfhWXxyFcxovUKUJuROprXtWNzeYhYbmXxrjEtCdnl2pi1Rz4Rk3isGdpEgM:jU5WhIUKcuOJ2PhBjEwzGi1dD+DEgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
188.34.178.0:5552
Mutex
958cbf1ebcbed9dbc72f2c3e95e327ef
Attributes
-
reg_key
958cbf1ebcbed9dbc72f2c3e95e327ef
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
5a1668513c822c2b8e972ddd578dd9d6.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections