General
-
Target
3c0c8341a5c799791524e3cff41e7a99cd5e2eabf93a122d551896186bc88ca8
-
Size
37KB
-
MD5
aa83d654a4475f46e61c95fbd89ee18f
-
SHA1
423100a56f74e572502b1be8046f2e26abd9244e
-
SHA256
3c0c8341a5c799791524e3cff41e7a99cd5e2eabf93a122d551896186bc88ca8
-
SHA512
61ce64757af6da152ba505b1c9cfab0b8c3932b01e8ca999353cdd2e14c7469ee5fb480b6d978dd0d040339814ee67c67cf63043e8d24d3f6ec1e22e71294798
-
SSDEEP
384:4CdsoixJvl7OHg1WykrqSTX3y8RsIDoJrAF+rMRTyN/0L+EcoinblneHQM3epzXR:Rd+R1NkrqSTSasIurM+rMRa8Nuq6t
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed_NotFully
C2
moneroman.ddns.net:1194
Mutex
5f1c1f4a8f4a8082788e31e499b05f88
Attributes
-
reg_key
5f1c1f4a8f4a8082788e31e499b05f88
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3c0c8341a5c799791524e3cff41e7a99cd5e2eabf93a122d551896186bc88ca8
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections