General

  • Target

    a4d2060b27fbf0500f87ddf80278ebd9f7c0861d487250b0048a4fd87fa79b8f.exe

  • Size

    93KB

  • MD5

    ceabf00e91c6d219345af40a28da43e8

  • SHA1

    1203c6455e46b4a7007dea71f81849d50e3e48c1

  • SHA256

    a4d2060b27fbf0500f87ddf80278ebd9f7c0861d487250b0048a4fd87fa79b8f

  • SHA512

    6098e888ebde819d137d9132d7f27dee52c9214c64f76aad6ddac713426ad62a10cf37c36d9bcd568156b5c83f43cad80cb4608705e1eea7cd220a00ca04707f

  • SSDEEP

    768:AY3XiBD7O/pBcxYsbae6GIXb9pDXQzVMBwXCmXxrjEtCdnl2pi1Rz4Rk3B6sGd0F:PipOx6baIa9RtytjEwzGi1dDRmKVgS

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

dock

C2

hakim32.ddns.net:2000

pool-tournaments.gl.at.ply.gg:7445

Mutex

13123c66ee9d74c7936482e0e7d9809f

Attributes
  • reg_key

    13123c66ee9d74c7936482e0e7d9809f

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • a4d2060b27fbf0500f87ddf80278ebd9f7c0861d487250b0048a4fd87fa79b8f.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

