General
-
Target
Server.exe
-
Size
93KB
-
MD5
c107605e81d3b4d3830901e61e4320e5
-
SHA1
1496474d8e959f61df0e6e720f0cdd3c81c862d6
-
SHA256
2be3472ff25f019d29805a300a562c6851e368926641fad12cedccdc3ea27066
-
SHA512
8f914c91ff6457ccf615f39c5ce7ecac7b71690038222e6ebb92f7a9be075a89d07a67f0ddb34651a82ecc154486d0833dab338d23b4631d06fd272e53aaa9c9
-
SSDEEP
1536:QOpnEoSnsqS5ut9YMR8SjEwzGi1dDdD+gS:QOVSnsqS5uTYM+7i1d5j
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
dead-reviewer.gl.at.ply.gg:60161
Mutex
667ccc5fc0f32d7dd6d82c580fdad9ec
Attributes
-
reg_key
667ccc5fc0f32d7dd6d82c580fdad9ec
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections