General

  • Target

    1f2700987cf9d919c85e0bf6ad9b64237e99d52b7d71d1a90b942eb481b4bd98

  • Size

    23KB

  • MD5

    a7930005f1d8bdda2e3491cc36b59237

  • SHA1

    61dfc83d5d47476c1d9e63d6123c0f6549a08128

  • SHA256

    1f2700987cf9d919c85e0bf6ad9b64237e99d52b7d71d1a90b942eb481b4bd98

  • SHA512

    f03c859148f63fcd6d3518633e702f214d1efde5e00b6d8f9f9b5fca33c5f81b00d472a410f0fd3731d87cb9c7b4d98b7624e24a0f652191b7bd799e514e9605

  • SSDEEP

    384:cQ+ILgIbOprgPsUOSU0kB1kd6dg7GYh/JomRvR6JZlbw8hqIusZzZ8l:PLL6MVU0NRpcnuD

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

10.0.0.2:5552

Mutex

f1704578a45e4f31d07c6bcbe412c8eb

Attributes
  • reg_key

    f1704578a45e4f31d07c6bcbe412c8eb

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1f2700987cf9d919c85e0bf6ad9b64237e99d52b7d71d1a90b942eb481b4bd98
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

