General
-
Target
Server.exe
-
Size
74KB
-
MD5
a9d4736d671d6021fa3de394d96093f7
-
SHA1
9e3709d07c94449012efc32458cf9174d710083e
-
SHA256
a6bdffacf9b48d579ec779e5e333a29c585355eaae1d1805c1fa83f37a775b03
-
SHA512
1e72a76daae7abd75c662ad405bdd94e02d3d992c062fc8dfcf9322bd7684cc7669f20e29363dc3e02c058aada70902a42feb7c9777dc9e419464e97b7aece5b
-
SSDEEP
384:MGHbTgiG1CHZfursvO6yszaDIvRpTHW0CrAF+rMRTyN/0L+EcoinblneHQM3epzF:MWbn5WpszaDInDW/rM+rMRa8NuZttCK
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
BotLLL
C2
5.101.21.20:1555
Mutex
97b8d58e73d0bc66f138fa548c448a79
Attributes
-
reg_key
97b8d58e73d0bc66f138fa548c448a79
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections