General

  • Target

    d6d0e6909a4322fde75968fab860bb6930f5d6a1750effb452244cff704309deN.exe

  • Size

    23KB

  • MD5

    221aa5e5c724a2bbbd1446b29ecc6de0

  • SHA1

    3d5ff2a6d1e5e2de428a7995b356cd06e29fcc11

  • SHA256

    d6d0e6909a4322fde75968fab860bb6930f5d6a1750effb452244cff704309de

  • SHA512

    4c92f0b082a000ded5f43c7da14faf4634a3193a2fbb78d549c1dacc303d5b4cc2af639cecd7ee01214f6658d2dd67d65e42b1cd8d821b710ca18a3372bcfb50

  • SSDEEP

    384:ec6CqbFYh3odrVCGiHssDB4b6i6fgpEupNXRmRvR6JZlbw8hqIusZzZMV0:xIU0tw3Rpcnuc

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

ALIALITALY

C2

SkypeTcp.no-ip.biz:95

Mutex

a8222704e50eaec7b16bac0b7b54fc4b

Attributes
  • reg_key

    a8222704e50eaec7b16bac0b7b54fc4b

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • d6d0e6909a4322fde75968fab860bb6930f5d6a1750effb452244cff704309deN.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

