General

  • Target

    ef022f571bbe78532cc1d1d09689470933f629f5e3775929f8926d7b51e6f122_Sigmanly

  • Size

    93KB

  • MD5

    4951d592fac59ef8005596d2af5d116b

  • SHA1

    536ab7195afefb6c8947a86b10adb8d0461f7115

  • SHA256

    ef022f571bbe78532cc1d1d09689470933f629f5e3775929f8926d7b51e6f122

  • SHA512

    3f551f1b653764dae9d75dbdf764389786a6004ef2c49f3c7ba81bb4412adc7c8c3315649e4c5a8f970b3f185f67e6f04bacf1264f233225511d45cb75d20ff1

  • SSDEEP

    1536:ZYduiuNTXfL/AJbZNljEwzGi1dDFDugS:ZYdaTXfL/AhzSi1dJT

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

hakim32.ddns.net:2000

company-telecom.gl.at.ply.gg:42876

Mutex

445c7762b8f06a76352fcac2e22df159

Attributes
  • reg_key

    445c7762b8f06a76352fcac2e22df159

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ef022f571bbe78532cc1d1d09689470933f629f5e3775929f8926d7b51e6f122_Sigmanly
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections