General
-
Target
Server2.exe
-
Size
93KB
-
MD5
99e853cafc9f7388bfb2c589befa031c
-
SHA1
dafdcf6b18fc510749bc8954f061f3746c1213b2
-
SHA256
32064b227c71528839b8e12b5b146ca30c7c8b14dd2de844a7f9ac33447d9e1b
-
SHA512
6885636a339fd11c16b8d54ee4a3579d8abbd101d24802d944bf6b05d57c846061c4c20b322cede761b5349d0710855a7cab3f6db14c510a4aa322f161143894
-
SSDEEP
1536:i55edxQJ9waK7jh7CQjEwzGi1dDJDrgS:i50QJ9waK7jtCBi1d1k
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
tr2.localto.net:38960
Mutex
826b22ef700aaefcf31da94d3a2fb0b7
Attributes
-
reg_key
826b22ef700aaefcf31da94d3a2fb0b7
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server2.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections