General
-
Target
CHEAT.exe
-
Size
93KB
-
MD5
49f3ad1aad41b40d4ff259eb6a2feb89
-
SHA1
9b7a8d9e2b3e8e4fd30a085e50b43224f8bd10ee
-
SHA256
7da34ade939a6a7a8d39eeca18a3ed6ad3d906f51d1ee9d65c2e3b9fce507cff
-
SHA512
96817c7fe37886fa10a505a4833723a9f7e4da4ccd2af77ec0e65ccce7c6b688ec18ef3e6e703247269f0af4a652b0e0c098e517a62586fb256b3c9b85220ece
-
SSDEEP
1536:0UwC+xhUa9urgOBPRNvM4jEwzGi1dDLsD/gS:0UmUa9urgObdGi1dWY
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
roblecks
C2
hakim32.ddns.net:2000
sat-triumph.gl.at.ply.gg:1108
Mutex
64b6edc267902dd8651bee815ed1ce0c
Attributes
-
reg_key
64b6edc267902dd8651bee815ed1ce0c
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
CHEAT.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections