General
-
Target
4951d592fac59ef8005596d2af5d116b.bin
-
Size
34KB
-
MD5
e7abb8cc9df839ca35ff23f879172e8f
-
SHA1
ccdd65abb03751c1ce7fb7c1a04474a98c547426
-
SHA256
188ba2b83622d600b04003888d1aca9d50f3ce87406dfcf328895db6c489a26f
-
SHA512
46b0f646a3a4fc2952707d35082a31afefc83e8cdfdb6d975bdc4c70c475c834e7b524c02cb672e7f8647c9d0765f8322424ff9e001eada8c6829c1305a5e3cc
-
SSDEEP
768:qpC6Ky2oWZ5QuoVaPJCDEYrBU6iuD/J2Wb72YahwJWrgCfe5:qpeobuo5DXrBgW1ahwUrgCfk
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
company-telecom.gl.at.ply.gg:42876
Mutex
445c7762b8f06a76352fcac2e22df159
Attributes
-
reg_key
445c7762b8f06a76352fcac2e22df159
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4951d592fac59ef8005596d2af5d116b.bin
Password: infected
-
ef022f571bbe78532cc1d1d09689470933f629f5e3775929f8926d7b51e6f122.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections