General

  • Target

    a407ae1ed0a941a41d223a64cefd0baf5163bc4fd35b020d562b7cf3b83442b6

  • Size

    37KB

  • MD5

    8123fc137d73b3b92fc40be61af08ace

  • SHA1

    b11168a1ad6d72808b176f0c889bfa220d13813e

  • SHA256

    a407ae1ed0a941a41d223a64cefd0baf5163bc4fd35b020d562b7cf3b83442b6

  • SHA512

    cf225e298886dc63584f7615891a3f4fc9773d4e2078a1363dba8547b1e85627b5bb5dcc18dbbcd51e3375bc18fb122ae4846bb92735d0c963ac0e9f71f56453

  • SSDEEP

    384:eLExxTGARStybaVhonbUOgg5Ctc5EmAoiCWsWGac5LoaPGtvx93pMKm+M5hsTz6N:IExTyLhChggkdeWKacbOtbNqTYDYRD

Score
10/10

Malware Config

Extracted

  • Family

    njrat

  • Version

    0.7d | By Brontok

  • Botnet

    Victim

  • C2

    spk.accesscam.org:55554

  • Mutex

    m9o1ocabbaxon9ndffebx7uutlcl49nl

Attributes
  • reg_key

    m9o1ocabbaxon9ndffebx7uutlcl49nl

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • a407ae1ed0a941a41d223a64cefd0baf5163bc4fd35b020d562b7cf3b83442b6
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

