General

  • Target

    Server.exe

  • Size

    37KB

  • MD5

    3f4050b19fce258b8d5136ef11e34a9b

  • SHA1

    83d7ce89c439684096f7ed561bc0b68cd72a42d0

  • SHA256

    a2546b65796c9ed3ab1cf5acb5f77109e94f58e2ebc00ced0705efdc31bdd6f2

  • SHA512

    985b0b52b2b154628c5f3ae00838b93878292115ee96b0d5a96a231597d8abaf79bb7b03309b92edb60795584c4ba6ab46c559591a27a73a5da2ca4a8cddd0cd

  • SSDEEP

    768:MQkki91twjrlShBFCLIrM+rMRa8NuSdt:MQkki91OjwhB0LT+gRJN5

Score
10/10

Malware Config

Extracted

  • Family

    njrat

  • Version

    im523

  • Botnet

    HacKed

  • C2

    oldtwenty123123-59308.portmap.host:59308

  • Mutex

    49500aaf44fe34a388b839d951c55d82

Attributes
  • reg_key

    49500aaf44fe34a388b839d951c55d82

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Server.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

