General
-
Target
FpsOptimizer_ByKartavik.exe
-
Size
93KB
-
MD5
d237e408910476961e94940e0e300631
-
SHA1
9b1a29d36388d28235222bf3b32ac47f6e8dc13b
-
SHA256
8e160e868cc17f09e587f9c8cc096ff46eed03bdd999cd18763eb15ed9ddf8bd
-
SHA512
2c5b44b37934dabeadd8252ed387f660718b46dae2843299d86b20a30974efcc769fe487dcba49b410219e6ee01b4f7f681240b69bd7dce45dc4b438268e3889
-
SSDEEP
768:fY3vsVnkpjTMpALPGMtsas88EtNXhU9Y1mxCXxrjEtCdnl2pi1Rz4Rk3SsGdpAgM:es9kVbPGHz88Eb71pjEwzGi1dDODAgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
4.tcp.eu.ngrok.io:18315
Mutex
86527a0b606570ff7c73b8515a1d871b
Attributes
-
reg_key
86527a0b606570ff7c73b8515a1d871b
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
FpsOptimizer_ByKartavik.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections