General

  • Target

    5e2a88dd923a18325792406702d32e3cb057126f946e037bcf34e9f9ba6321cf.exe

  • Size

    23KB

  • MD5

    3549c51a0c4799dc7c7a6a69e1a708a8

  • SHA1

    d8e7d428b90a8e596a9615ba1c43780bbe93e655

  • SHA256

    5e2a88dd923a18325792406702d32e3cb057126f946e037bcf34e9f9ba6321cf

  • SHA512

    f67f6567056a51ce032ea6889d602835d273672328ebdad5fd228a658bf0b3e5a5b24edd6cd955620235e14adf8bbb0d315b1ed2e2ea15f431c4ca9d34259e25

  • SSDEEP

    384:jYmdk8XvCJrQLdRGSiEYF7Y65gPyx6BDXNRmRvR6JZlbw8hqIusZzZX4x:swWkti/aeRpcnubx

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Lammer

C2

nzweb2008-22511.portmap.host:22511

Mutex

334f132010bbc79a6e7c28a01892af18

Attributes
  • reg_key

    334f132010bbc79a6e7c28a01892af18

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5e2a88dd923a18325792406702d32e3cb057126f946e037bcf34e9f9ba6321cf.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

