General
-
Target
Server.exe
-
Size
37KB
-
MD5
287c49cac672e52452e71c9699efa73a
-
SHA1
1fff37dd9541009b3ae57b8f211f6b3403cd5dee
-
SHA256
1f9d49441908036b9f88401ad6f39e0911e2280331eb95d3fe4f14b7a1f1f3b1
-
SHA512
755ef72af4455e98d8983b168164777dd17d69300826e35e6faf8baa6d5c970dc21513368a56413767f651c6a6a5c08c615478c7e5d64a14beffd20fbc669496
-
SSDEEP
384:ImGckfsgwi+Jx3+j/NSyszkoAXVU3G6aBrAF+rMRTyN/0L+EcoinblneHQM3epz1:99kk/CNhszkoAW26OrM+rMRa8NuIQt
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed
C2
8.tcp.ngrok.io:12852
Mutex
c8305c673e29b1e4e74d813f7c60a602
Attributes
-
reg_key
c8305c673e29b1e4e74d813f7c60a602
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections