General
-
Target
Server.exe
-
Size
37KB
-
MD5
52a4f4a95cae66ab262efff002d4a1d9
-
SHA1
2609dc782362ebf574f7eec4c97970404efac5f6
-
SHA256
ec2de829e3c696fda4c24f00a95b0af4eff6666b1142103d93e464996ac1dd09
-
SHA512
55adf18f6abafdd87f1c6a57f9f90364065264b00d6f37c5c849070435cc6fbafd05f3d6d95df4b67a4afe5f0207f57854a00e01f129ee6d60bd636e57e427a0
-
SSDEEP
384:JcFiUiD1blmJEpRGyEfjhvRuICY6KVIrAF+rMRTyN/0L+EcoinblneHQM3epzXKo:2FyHpR9EfjhEIC1KGrM+rMRa8NuE4t
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed1
C2
7.tcp.eu.ngrok.io:5552
Mutex
5676158919069158233e936864e885de
Attributes
-
reg_key
5676158919069158233e936864e885de
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections