General
-
Target
Server.exe
-
Size
93KB
-
MD5
b993438523fae1d0a8244a3b57e4a726
-
SHA1
7f565c962dd7ffc25ef0a6506f52f30a94373822
-
SHA256
cc6e64f1e803187b6363577f988f10948a5a7c9f886f7e78a4a9915a596f36c6
-
SHA512
1d83b995100dfd31be0673a68c75cd0eee3de3ba8c715f610fddcc161e79affb4495c7959fa922989faadfcd5fdd1e6efb84a530c3a4d90c01572e737696624b
-
SSDEEP
1536:j//r7EkrjaFIs7E5Ox8Jn8njEwzGi1dD/DHgS:j/7jau5OKVLi1dXA
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
156.206.138.228:5552
Mutex
09e4230594947f8ad3dc845bf2c98273
Attributes
-
reg_key
09e4230594947f8ad3dc845bf2c98273
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections