General
-
Target
ba583316a940a2b9b89ea08329a16ff56b69a6a7f8ce099abddb15e6524f7932N.exe
-
Size
37KB
-
MD5
59e4a3c63bec5625ee2cfbfcc4d0cfe0
-
SHA1
5d4acb66541bafc28d0d17630033b060daa4e15d
-
SHA256
ba583316a940a2b9b89ea08329a16ff56b69a6a7f8ce099abddb15e6524f7932
-
SHA512
ebf2aa09cdd6f5ae21d2cd2f015bafc4c3c0c3c2e4605cf7462cd15f91695011a1cba8a614964eb1919ebea9b49d49a2e7315c0231aefd02892153eea08fbdab
-
SSDEEP
384:1ZD+ww7BeAaXaEiVxzdmB0O4yUvbqFgjUxy8ORNu2KvUF7sau+FBe10O8YMIQUfB:PSww7TPOTUvbj8UlsarFBy8r8Z2bRy
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
huy
C2
g574h9hd9.duckdns.org:1605
Mutex
98bbfe190f5619a28530a9758bf63480
Attributes
-
reg_key
98bbfe190f5619a28530a9758bf63480
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
ba583316a940a2b9b89ea08329a16ff56b69a6a7f8ce099abddb15e6524f7932N.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections