General

  • Target

    test3.exe

  • Size

    37KB

  • MD5

    2f771b3461d8ddc93842c39feca9bc44

  • SHA1

    4814441916df2c5ae700ef8b380c25a59d119789

  • SHA256

    4c4a405e23f317a69e5dd5428ece6902600c6d0a31f29cc5eb3416514a42ce29

  • SHA512

    28efaa86ee085bc9e0e5cafa5afefd2bc028479cc9a4019f9b86ae921bbf658bb2cfa0340a8de99fa2e1dcf71abd6960f3af67c01256f23c92b87cda02b3e06e

  • SSDEEP

    384:Rc3Vqi0PJZtbH9KyM+2LzmQnfSsWQLarAF+rMRTyN/0L+EcoinblneHQM3epzXTT:eYJ95M+2L6Q6tQurM+rMRa8NuFRt

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

ZONA LOXOV

C2

prapor03212.ddns.net:1527

Mutex

80b27082d3ac717de5243f17973af804

Attributes
  • reg_key

    80b27082d3ac717de5243f17973af804

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • test3.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections