General

  • Target

    222.exe

  • Size

    32KB

  • MD5

    31f22ac80ca6249669db15c0dbfeb075

  • SHA1

    77f93bcf826f3058e5a7ead3029b6fe2db609223

  • SHA256

    055d0080be89e6274764faef00ceace6073712efac66d84a85c4ad0517081721

  • SHA512

    d2458f0feb8318c299183922fd8de25e62e0885252d2cdcf336074ec37bfd7661cbd681ed7240843bc3fd0befc9f8ec56afb53d5d76ca9035f004924ecfd5ee0

  • SSDEEP

    384:p0bUe5XB4e0XDgONAc6WQzZWTetTUFQqz9YObbA:ST9BuDucrQ1CbA

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

Server1

C2

136.243.179.5:222

Mutex

345d733d3e7447e8

Attributes
  • reg_key

    345d733d3e7447e8

  • splitter

    @!#&^%$

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 222.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections