General
-
Target
bf1c6304d671fd45287e1cae7bf92347248ad96ae1eaef85dd40dc8bafa3c3c4
-
Size
43KB
-
MD5
fcbfbd6643f198e674be999897cd23ff
-
SHA1
6ee0e7754764ed96943209810eaaf678ce997b80
-
SHA256
bf1c6304d671fd45287e1cae7bf92347248ad96ae1eaef85dd40dc8bafa3c3c4
-
SHA512
a0c5a896a232e92139f2c8548da19e9856469b9b4231bd31daada1fd539c3058460c04951739cd5c084f4f68a2c8917793e2aa958a5cbb0c95d863486928e99a
-
SSDEEP
384:BZy+Hl9n1iDcsyEqt3ptKwQsElGhOEazcIij+ZsNO3PlpJKkkjh/TzF7pWnPmgra:T99nU4pEqt5tKhohuuXQ/oiC+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
127.0.0.1:6754
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
bf1c6304d671fd45287e1cae7bf92347248ad96ae1eaef85dd40dc8bafa3c3c4
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections