General

  • Target

    d6ee68c0057fd95a29a2f112c19cb556837eff859071827bc5d37069742d96cc

  • Size

    37KB

  • MD5

    e20a459e155e9860e8a00f4d4a6015bf

  • SHA1

    982fe6b24779fa4a64a154947aca4d5615a7af86

  • SHA256

    d6ee68c0057fd95a29a2f112c19cb556837eff859071827bc5d37069742d96cc

  • SHA512

    381a3c27328e30a06125c2fa45334ca84aaff7904afb032e4fd6dec1474179787f0d87e93804b7b79e74987e2977ea19d64de05872c7f4fe1ca818199ed30d02

  • SSDEEP

    384:cmnJMiLrBndznNCyMGmPiePDUcmk3lsrAF+rMRTyN/0L+EcoinblneHQM3epzX0O:Rn9RNRMGmPPg1kVsrM+rMRa8NuS6Jt

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

pakEt

C2

condition-clearance.gl.at.ply.gg:7070

Mutex

9d3a575fdcc2dd1782d18ac5655a8b28

Attributes
  • reg_key

    9d3a575fdcc2dd1782d18ac5655a8b28

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • d6ee68c0057fd95a29a2f112c19cb556837eff859071827bc5d37069742d96cc
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections