General
-
Target
вввфы.exe
-
Size
54KB
-
MD5
c765dd8a420fa5c8ded87227cc0bbe44
-
SHA1
85a77938cb84dcf5e446b1eb6dc274b2709e7f92
-
SHA256
4944cae1682a2298a6dab4fd675158632bee27feee6b48d753719755522937c4
-
SHA512
a76e57713e938c8ebf1b816716327401d5e5f83895bf8511ab592b248ff951548d012294298842537a67becc15d727e9fbd164b9f155f228a269b23869e85e2e
-
SSDEEP
768:iNoLg652Eslt/aNxND3O4JSNjxWQG35bmaePD5PvT2XXJdxIEpmgg:iNSVGtiNjDTGdWQcGDCX3xIEpmgg
Score
10/10
Malware Config
Extracted
Family
njrat
Version
<- NjRAT 0.7d Horror Edition ->
Botnet
Victim
C2
approach-trembl.gl.at.ply.gg:60000
Mutex
21ccc5c1344d0304afc80ec3c310da24
Attributes
-
reg_key
21ccc5c1344d0304afc80ec3c310da24
-
splitter
Y262SUCZ4UJJ
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
вввфы.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections