General
-
Target
Kaspersky.exe
-
Size
93KB
-
MD5
327274bc008bf3d8e260af2a4b70d059
-
SHA1
d4058bac2970b6d2da5b77c3fb5dffeec236262c
-
SHA256
a13ed5c6556e32a91cb9379fac3ccf5db98c42b157dfb89288f5a75ca326bc75
-
SHA512
bae8fc052a696de14760336a896290f304182024cfdd5176f112d93f0d7e14b6a632b0e7e01f3744df1dc5f7b9e003d61088a900a7ed7b2ad2797250d725757b
-
SSDEEP
1536:7V4FQWqkqqoLc2m+isjEwzGi1dDsDMgS:7V4mkqqoA2xiti1dal
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
cheater
C2
hakim32.ddns.net:2000
2.tcp.eu.ngrok.io:17350
Mutex
09a86df6668fdfee2a06a5034dda1e09
Attributes
-
reg_key
09a86df6668fdfee2a06a5034dda1e09
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Kaspersky.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections