General

  • Target

    a5eb772c16526b3b85b1195fca0de2e798a6f54808e2a1ee151fc7768b8cd880N

  • Size

    43KB

  • MD5

    a9af9a4b1fff011ea77ca1492413c240

  • SHA1

    97c6cdbe628e5e753c6f942122ca483c52007413

  • SHA256

    a5eb772c16526b3b85b1195fca0de2e798a6f54808e2a1ee151fc7768b8cd880

  • SHA512

    c9d35dff323aaf4480d60993790e7eb130da38bf72bce80388124961ca84f64bbd141d53fdda1672f9a5a57968ae9e80cdd4683d3d0c6c2d81f208e726dbebd2

  • SSDEEP

    384:CZyd1Bq0lwZmoy7ypUwCWMNxmD0a3S9D9O5UE5QzwBlpJNakkjh/TzF7pWnkFgrW:waNGol7oUrgDNvQO+J7+L

Score
10/10

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

Virus

C2

127.0.0.1:3333

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • a5eb772c16526b3b85b1195fca0de2e798a6f54808e2a1ee151fc7768b8cd880N
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

