General
-
Target
Sigma.exe
-
Size
93KB
-
MD5
3226340028efb7e4b25afb92071989a7
-
SHA1
3594f73dc428e035b5c7a2cbb47a7d98944f6ea5
-
SHA256
7c51a525e1e83ee71f025dbb1b88c5f5da9562871cd7bff35820b6f85c28639b
-
SHA512
cc13efaaba5b2a1a927f1585948b974e5232a71989db42b546c9e2a200a4c8f6b1f251e5cf6f6247aae60b45e3851521f83df2ececbeeea04adbf7dde49dde0c
-
SSDEEP
1536:TVwC+xhUa9urgOBPRNvM4jEwzGi1dDQDigS:TVmUa9urgObdGi1dmH
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
hi-tin.gl.at.ply.gg:14413
Mutex
c3c667c3fe95cc8cd92cf2c9b856ba2c
Attributes
-
reg_key
c3c667c3fe95cc8cd92cf2c9b856ba2c
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Sigma.exe
Password: 1234
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections