General
-
Target
Server.exe
-
Size
37KB
-
MD5
c168b3ae3a87b813c74cbc3c7f86e388
-
SHA1
25974da864703724afe7d0c350d4e37fc6be25e7
-
SHA256
4bd977e577f2c7a486bb2cba261eeec9db3fd12103f63bb03af70fb10e098726
-
SHA512
c812107cbd9fc5a609de1e6386f4fc4eb014e258cbf4d91a29c643505b0d300a330ce1ab75bf0d75576fb15fd4c8c08ffcdf34ce06369f7c30a6783dd03275ed
-
SSDEEP
384:ek2KMizdVjnBhFbJ8ycPN/fnfwacprrAF+rMRTyN/0L+EcoinblneHQM3epzXyNg:B2gVlLJfcPN/XlcNrM+rMRa8Nuc2t
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
Clickbait
C2
7.tcp.eu.ngrok.io:12336
Mutex
06e68114a498ee6ce24d9fe4fcf7ef82
Attributes
-
reg_key
06e68114a498ee6ce24d9fe4fcf7ef82
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections