General
-
Target
Server.exe
-
Size
93KB
-
MD5
597f75b02d58230e4f3c33f14397b1f8
-
SHA1
67651af2f6a8c57011377690187bd025ea93b161
-
SHA256
88c1f752d53cb887fb18c626039ac81ae39f44da1938d143d70ac75e2954b64c
-
SHA512
7402f4d2a6c6efa67c7c549039acb27394eff98d103226ad64ab7a7f89b05a59fe7b8fdd8d2eec4db167fc66439ecf637d556810a8504301560facc97d4128db
-
SSDEEP
768:oY3XKhhWXxyFcxovUKUJuROprXtwN8eYhYbmXxrjEtCdnl2pi1Rz4Rk3WsGdpbgM:HKvWhIUKcuOJnPhBjEwzGi1dDSDbgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
THUNDER
C2
Ni50Y3AuZXUubmdyb2suaW8Strik:MTA2Njc=
Mutex
8d08c917cd496e71a9005f448b043ab6
Attributes
-
reg_key
8d08c917cd496e71a9005f448b043ab6
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections