General

  • Target

    14531.exe

  • Size

    93KB

  • MD5

    db2cc38ba3d26a1f3ee204f8c9377ee9

  • SHA1

    dbe5a78eb04aac28835b6fd8c38f0b689aa74f0f

  • SHA256

    e39068d07e22d5f8ca2862fd78fad56032b4317f6930833a7bc209ebcb0bf00a

  • SHA512

    c2568acb72ff8e350bad98c0171518ee2f7b0a27aafb2ccfaa6940b08d2684ef826f9592e7ad25a4366166924526e27feeae34c543d85867dbd3e750ee691598

  • SSDEEP

    768:PY3RUAy0lM7utchQmnroAgFDSXaaJ/oXbyXxrjEtCdnl2pi1Rz4Rk3UsGdpPgS7:8Ud0i1nroxFMpowjEwzGi1dDMDPgS

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Runtim14531oker.exe

C2

hakim32.ddns.net:2000

morning-ultimately.gl.at.ply.gg:14531

Mutex

b01bafee67b4e3a4b4846a4df843c25b

Attributes
  • reg_key

    b01bafee67b4e3a4b4846a4df843c25b

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 14531.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

