General
-
Target
ea51449ecfbdea8639b28d8d1e4f0403f5e1f3b3e455d3d8c4beba7532a340d3.exe
-
Size
32KB
-
MD5
918c8dcbb3243a2f87b72605715c8cf6
-
SHA1
abfd379e56d21b16e630db9d9d81fe6e3326adc0
-
SHA256
ea51449ecfbdea8639b28d8d1e4f0403f5e1f3b3e455d3d8c4beba7532a340d3
-
SHA512
75c3e606687909673ef9d8202e2fe7954d8c4d4d0bef3e0d8c67ab030243971d5f270acd9e6233ffecc0301606b99231083d9b8735345aa24705ed2ba90b9250
-
SSDEEP
384:50bUe5XB4e0X7OVFggUBZIG0WTEtTUFQqzFrObbW:CT9BuCDggUBZIzhbW
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7NC
Botnet
NYAN CAT
C2
winddns.publicvm.com:5552
Mutex
9e1aa4ec9905
Attributes
-
reg_key
9e1aa4ec9905
-
splitter
@!#&^%$
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
ea51449ecfbdea8639b28d8d1e4f0403f5e1f3b3e455d3d8c4beba7532a340d3.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections