General
-
Target
e1b2b8b4e639ee0b1af5e499992074928ab0814477ccef7d1b6fb3f598154052N.exe
-
Size
23KB
-
MD5
c0896eab08c4745b28bf236dafee9410
-
SHA1
d07c2c94974dcb4a1ddbf21f772a276bc2f1f3a2
-
SHA256
e1b2b8b4e639ee0b1af5e499992074928ab0814477ccef7d1b6fb3f598154052
-
SHA512
c0cbe75f2748067581f9ed00d6aa53bf59a3c18a9cc0a92229358b0a8a07118ea85168b21c46a4f5187f613427bb3852900c85569f829eab5de3c40b61eb07a0
-
SSDEEP
384:xT2x0W3qZN2ATtRGCfCo9D46BgnqUhL19mRvR6JZlbw8hqIusZzZ9Uu:uh+rdflRpcnuO
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HaCkEd bY LoKn
C2
customers-edmonton.gl.at.ply.gg:28608
Mutex
5a0e6576524fad771bccf79eb40f7eca
Attributes
-
reg_key
5a0e6576524fad771bccf79eb40f7eca
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
e1b2b8b4e639ee0b1af5e499992074928ab0814477ccef7d1b6fb3f598154052N.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections