General
-
Target
3e5a71464266a3d47d3791930686b9709f85d718e33187f87d0648b0ef40c5cbN
-
Size
43KB
-
MD5
a7b79328fc372155fa7775d5bd5d9850
-
SHA1
e5e83cc77d4bcfdf65f03b9516323e438227b6d1
-
SHA256
3e5a71464266a3d47d3791930686b9709f85d718e33187f87d0648b0ef40c5cb
-
SHA512
eaa6f6e8c8608477b7365f93e98518e39b02ae71cc813502de8a71ba87ed656cfb6f198a8989d2942503e5b11e85fd83eefd29c09c299c98662b7c45b358d5b1
-
SSDEEP
384:lZyWvHn1iDcsyEqtBfkEGCOEhGyOEtzcIij+ZsNO3PlpJKkkjh/TzF7pWno/greT:v9HnU4pEqtNkE5SyZuXQ/oR3+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
127.0.0.1:5552
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3e5a71464266a3d47d3791930686b9709f85d718e33187f87d0648b0ef40c5cbN
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections