General

  • Target

    b88ea99a578d819000485da4b80ee871488088804481dc91698986c0c90f7c9e

  • Size

    24KB

  • MD5

    9cf8c4a53d5e1c1646b07fd9a20f3df5

  • SHA1

    5b6bf82acb11421e90cede493d99931b750f23cd

  • SHA256

    b88ea99a578d819000485da4b80ee871488088804481dc91698986c0c90f7c9e

  • SHA512

    f21bcb90dfb9db76e09323152ad8bf5bee9f3a07c403e05e4f99efc557a318782a04af2140d73cef0c54f8fc9b3680b4881a2867470ff4fafd1b2f726cab9851

  • SSDEEP

    384:HcqbCK0l4h7o9SVyDGvENuh46/gJkOmMSW38mRvR6JZlbw8hqIusZzZt6bR:830py6vhxaRpcnun1

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

nesck

C2

gfknoux.localto.net:3435

Mutex

fda26501f9b381c7e35e3965cc3cee82

Attributes
  • reg_key

    fda26501f9b381c7e35e3965cc3cee82

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • b88ea99a578d819000485da4b80ee871488088804481dc91698986c0c90f7c9e
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

