General
-
Target
49e686db686ea8dc3e3eebd8b35e461f062684de3ca06fc3d8b4664b3f175f62
-
Size
37KB
-
MD5
1bcf67c1f8bc98427e91ef1f55b08543
-
SHA1
5027465199412f584324cdd9b7cfe2cc72a356cd
-
SHA256
49e686db686ea8dc3e3eebd8b35e461f062684de3ca06fc3d8b4664b3f175f62
-
SHA512
15048ea869527dc6cafc04f18edc4c77d8e3d160525386db3ff70a3810e61c4822d39e6e505cd6264789acfa9f7bf705b389f7a56833fc0844f8a19b722bf5c8
-
SSDEEP
384:tLGQqQilwhHeTnMGiyMTl03HOj3YTrrAF+rMRTyN/0L+EcoinblneHQM3epzXPNp:7rSMGxMTl0ejY/rM+rMRa8Nu15t
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
AB
C2
gman123.duckdns.org:5552
Mutex
a7dbbfe19f5aa2c19ff5ee9aac621d3e
Attributes
-
reg_key
a7dbbfe19f5aa2c19ff5ee9aac621d3e
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
49e686db686ea8dc3e3eebd8b35e461f062684de3ca06fc3d8b4664b3f175f62
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections