General

  • Target

    d3e51ad37e0d393e0d8df006b425138d4eb4cc4d4846e577237daf166be926a5

  • Size

    55KB

  • MD5

    7625416e1980deba8c4013e86bf6c9a9

  • SHA1

    903a716e98b00ce4f4e339de05dd0281e86a3133

  • SHA256

    d3e51ad37e0d393e0d8df006b425138d4eb4cc4d4846e577237daf166be926a5

  • SHA512

    4981163d5f01d7c73ff958b948c2ff43a4149b8ebeb5d9df67bf66b0c90887d8a980fbd512a20128732db5ff8c0a1279c0ae63b675ddb4b6f95ce5e98ee66ab1

  • SSDEEP

    1536:y1gcDnAvNtki5pKD6iwsNMDlXExI3pmAm:VcDnA9vKD6iwsNMDlXExI3pm

Score
10/10

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Victim

C2

127.0.0.1:10675 :10676

Mutex

09b08cd18c97e1ec31f12c9159e6b777

Attributes
  • reg_key

    09b08cd18c97e1ec31f12c9159e6b777

  • splitter

    Y262SUCZ4UJJ

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • d3e51ad37e0d393e0d8df006b425138d4eb4cc4d4846e577237daf166be926a5
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

