General
-
Target
e8b0491c6e1fedd49ceb8046863f8fe47b856c68208165037bf1c7fe47b4f36dN.exe
-
Size
23KB
-
MD5
5e41b3f61e10f0e6e982152334be14d0
-
SHA1
b1c9971b7b18c10af19b717c901c61a4a6a6442d
-
SHA256
e8b0491c6e1fedd49ceb8046863f8fe47b856c68208165037bf1c7fe47b4f36d
-
SHA512
3852b181acf95cfafe736503098e3466ba1ddc8646d815a79a1c71e3bbb0e5b2a8c39219a7d6996de6a9586c4c71307ad2d108b1905fee1fc27fe59bf8234a3f
-
SSDEEP
384:xT2x0W3qZN2ATtRGCfCo9D46BgnqUhL19mRvR6JZlbw8hqIusZzZ9Uu:uh+rdflRpcnuO
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HaCkEd bY LoKn
C2
customers-edmonton.gl.at.ply.gg:28608
Mutex
5a0e6576524fad771bccf79eb40f7eca
Attributes
-
reg_key
5a0e6576524fad771bccf79eb40f7eca
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
e8b0491c6e1fedd49ceb8046863f8fe47b856c68208165037bf1c7fe47b4f36dN.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections