General
-
Target
Server.exe
-
Size
93KB
-
MD5
0c636e3cb749f62f83ffd2d851020009
-
SHA1
f4e8937d60c19942979431c48dd5a61fb005b0fe
-
SHA256
b3761e944f6f56044eb1550b747f90a4cd3d5b83ced90184b91f69e79cb9974f
-
SHA512
42a51d5e071f67b41c4c6073fefbda32f91b40044319f774bd32f6dea9869d254909a51ca42dd66ab59220f7dccb166afb196a7272823e6b7fec410768b52905
-
SSDEEP
768:1Y3/yxD9O/pBcxYsbae6GIXb9pDX2KC98PL0OXLeuXxrjEtCdnl2pi1Rz4Rk3Zsa:syDOx6baIa9R/j00ljEwzGi1dDpDlgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
THUNDER
C2
OC50Y3Aubmdyb2suaW8Strik:MTI4NTI=
Mutex
90acf5dbc548b2bf6c33bb97edc5278a
Attributes
-
reg_key
90acf5dbc548b2bf6c33bb97edc5278a
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections