General

  • Target

    861c62fc1b264801e17d6a61ac6579a3b7d6d39e2f35aec69fc1b8300f42c953

  • Size

    93KB

  • MD5

    ccb06fa4b339cc8ff5ae2331dda084b4

  • SHA1

    0d1af1ebe0cb29ebf9ea4c76a7630661553b64db

  • SHA256

    861c62fc1b264801e17d6a61ac6579a3b7d6d39e2f35aec69fc1b8300f42c953

  • SHA512

    a716f4906ac8ba1135471deef804e886891cfdc7b3f8b8d471a8fec0aadb0a39051b5adb3930c6a715b2c7a6a46168bacb6ef9705925bfd02fd88b4ebc335952

  • SSDEEP

    1536:InwEnYi9bzKuZ+8uZ3nV5XS65mkrPZ58kzQ+e+e+:IwaYi9bsh7J7M+e+e+

Score
10/10

Malware Config

Extracted

Family

njrat

Version

v4.0

Botnet

Steam

C2

40.80.147.203:8080

Mutex

Steam

Attributes
  • reg_key

    Steam

  • splitter

    |-F-|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 861c62fc1b264801e17d6a61ac6579a3b7d6d39e2f35aec69fc1b8300f42c953
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

