General
-
Target
9a646486e8f48e6cbf92b22761e68e242fb06e447fd82bfb58de11e8956184f5N
-
Size
33KB
-
MD5
89b59f712fc271a7ea93d447a3cc93c0
-
SHA1
44781d6057f7165508fd2127e9bee36622fc1586
-
SHA256
9a646486e8f48e6cbf92b22761e68e242fb06e447fd82bfb58de11e8956184f5
-
SHA512
91f08e0a11a44d0085ce2aa7eda8cb556510032ab2c2a61a6834e629dde973271d018add27df0b05f2fd7df0177298711f5caeb8db97d9640e6b93fe1b137ced
-
SSDEEP
384:A8aY1ia0N/IH+WUiWiLcXyUTly2Rc87po6ngB8W+tqlf5mRvR6JZlbw8hqIusZzo:F1Re/E+WUiW6ci6NR7tZRpcnuUUFP
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
AlbertoScammer
C2
178.162.221.62:80
Mutex
c20b8e85844937959c801a053d8106ad
Attributes
-
reg_key
c20b8e85844937959c801a053d8106ad
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
9a646486e8f48e6cbf92b22761e68e242fb06e447fd82bfb58de11e8956184f5N
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections