General
-
Target
dfebc469780c2c152b72580384ef4d60927a6de2d1b566a1a96fe943dd3251c6.exe
-
Size
307KB
-
MD5
32db0e115ffc619b625e5bf83c87b5c0
-
SHA1
e55a1f1984f9b3f414f6f98b211ba0dee582c415
-
SHA256
dfebc469780c2c152b72580384ef4d60927a6de2d1b566a1a96fe943dd3251c6
-
SHA512
b7bcff588a4fee53ba4356b6b1d29234857bbd5e9092b5a74e4531349857f66e1ac67b5a9df9cb6416b084ab1895c98532411f3063508bd6195de261867ac13d
-
SSDEEP
3072:vnkAK3MylIIn3FIyraBOggRibieoRv8w5hhCS48:v8CIn3FIyyoJNhhCS48
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
127.0.0.1:5552
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
dfebc469780c2c152b72580384ef4d60927a6de2d1b566a1a96fe943dd3251c6.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections