General
-
Target
888.exe
-
Size
287KB
-
MD5
62ada7de61b1bc0166c0b210b69e9bb3
-
SHA1
c42a2cad5ecfc2c2c897161b8e875d7b3ed9eca3
-
SHA256
442b754a305ad773be58a16f2ec8440082308acc7ae274cee8e11c7aebf34488
-
SHA512
d70c0cf9a91345570b4f8a7f680cabe1ea0ef39884f25c392545b35164eb9b6adfc7c47faf87b5cd6ebfc45ab85beede5584dba4be7d9d10bafde21788265cf5
-
SSDEEP
3072:a+RL062QAsSdADRq6ty71wtYM77ldY7AXTp2kA:/uwH77Ppj0kA
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
3C-55-76-C6-BA-75:7777
Mutex
d4092da992fc1a554a7600d3355f8f5d
Attributes
-
reg_key
d4092da992fc1a554a7600d3355f8f5d
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
888.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections