General
-
Target
Server.exe
-
Size
93KB
-
MD5
6ecaeda97e71ca06c16f1de261bde554
-
SHA1
03900cc265f0341aa2c46814166f03c15ed7575d
-
SHA256
f00081238b88a0a933dacc79d5406097918cc91454a6045a3b77cd47f825eea8
-
SHA512
fe81c0ca76f61f6afae805ffcb3e3c2b4c5e9a3554a1918b607a48e3535adb5ff1cd9d864a7d5666023cbac0a30458a57f809295789d2c48817646bae3077b8a
-
SSDEEP
768:3Y3D2QtCTpPchQRza90g5rxPXijj2TAuC4qu2XxrjEtCdnl2pi1Rz4Rk3hsGdpk3:S2CC9dzaGwrVJOzjEwzGi1dDxDkgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
5.tcp.eu.ngrok.io:11220
Mutex
3e4126f7efc072b5d006dec011e350d2
Attributes
-
reg_key
3e4126f7efc072b5d006dec011e350d2
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections