General

  • Target

    celex.exe

  • Size

    55KB

  • MD5

    059fd4cebd6fa3272a145fc6ef42f5f9

  • SHA1

    064b17bfc80151c060e2c2863390bcf7af90a467

  • SHA256

    5437080e89ca02f2de4f23eb66533155888bdbf257612326194f6de85a28b524

  • SHA512

    4c323cdcd21c10451f5345eeb40ac1b3ccafb80180d46bfc1e85bf40747d45481e649efafd9a01d79e8099cd1b65fba2138919ee9be282f94ecb4d0df2bcec79

  • SSDEEP

    1536:sEYADn8fLN2/SbJtDDcwsNMDpXExI3pmmm:+ADnccqbXDDcwsNMDpXExI3pm

Score
10/10

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Victim

C2

loans-hamburg.gl.at.ply.gg:48460

Mutex

d5abb059f0ac6ccf0e49c90e494c030a

Attributes
  • reg_key

    d5abb059f0ac6ccf0e49c90e494c030a

  • splitter

    Y262SUCZ4UJJ

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • celex.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

