General
-
Target
Serve1r.exe
-
Size
37KB
-
MD5
9ff9276038f01691f7441828b1222b72
-
SHA1
5111199e38fc1084bc316a22c26ad9d6a2618c2e
-
SHA256
62c236137b59fab204aecffcd0e0b6a6ac65ed2b46c165628aa1393e3c3d28b4
-
SHA512
18560afbf7e49e42b8aced810bb42b11d49cf67d89403f13d14610fa936f2b3b5c96a7f7603c0307e794de390a7f918bf47951dacf2bb880676f59d939c8f3a7
-
SSDEEP
384:dwJWoixJZl7OHg1WykrxB/dQ8+Kfy0rAF+rMRTyN/0L+EcoinblneHQM3epzXONV:WJ+R1NkrxBq1K9rM+rMRa8NuItt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed1
C2
7.tcp.eu.ngrok.io:16934
Mutex
bafb3a9d87308e55dd5a7429ecd596c2
Attributes
-
reg_key
bafb3a9d87308e55dd5a7429ecd596c2
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Serve1r.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections