General
-
Target
8646edfe9925c62b7d471f4efbcc2adae0fc4881c6e3b380ea7c7a4f5973ed17
-
Size
23KB
-
MD5
813cae645a859f9e7f6fffbe0e9120a9
-
SHA1
0addbb3b28af97dd5b26f79c89a0327b0e1b8719
-
SHA256
8646edfe9925c62b7d471f4efbcc2adae0fc4881c6e3b380ea7c7a4f5973ed17
-
SHA512
ccf8cc53449630174289e796bda1bc61f7973e0220caf1bcb0f10cb45d05e65fd60360f514949cc750a7d7669ed50b83257e4c913258c9909c9da049c6a5efa7
-
SSDEEP
384:u8aLWS0dABLYVq6RxP8MDFF09vK563gRMmJKUv0mRvR6JZlbw8hqIusZzZhD:hXcwt3tRpcnui
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
TAKTOUKA
C2
127.0.0.1:8090
Mutex
2239074f375016b7c06b239673132d3c
Attributes
-
reg_key
2239074f375016b7c06b239673132d3c
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
8646edfe9925c62b7d471f4efbcc2adae0fc4881c6e3b380ea7c7a4f5973ed17
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections