General

  • Target

    EMANNN.exe

  • Size

    55KB

  • MD5

    6bc49cb82d9f92f4a70cf4c84265c26f

  • SHA1

    87f69c48c84f9a701b6800762c69c95dfd181273

  • SHA256

    925364c585429e6ae064c4db9c7bf30db036debed7b1f403efc60ea6990da4bf

  • SHA512

    3d1f055ec378e244c239debc9832bbd6f56a1b3cb27fa009380a728e769ad870272d90cc940d269a3f985c333380b43eedb4c5d1fbe8be57bd67749bc9419d0c

  • SSDEEP

    1536:k+mIDn/NOryWhI0DtwsNMDmXExI3pmjm:SIDnE+v0DtwsNMDmXExI3pm

Score
10/10

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

VeletRobox

C2

maps-having.gl.at.ply.gg:52531

Mutex

f53a2de487461812859f1781af27b20d

Attributes
  • reg_key

    f53a2de487461812859f1781af27b20d

  • splitter

    Y262SUCZ4UJJ

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • EMANNN.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

