General
-
Target
Server.exe
-
Size
93KB
-
MD5
59c39881593a7b7f60377dba02998937
-
SHA1
bda97dded3ce0870a6e737628e064c7e5bcd0f9c
-
SHA256
e0f12af99a7d090978499ac0787b287cf599ca11fd23abbcc4b5f165f5dba07f
-
SHA512
97d5aaac0153e7b462eff6cd10537a1063163a44dec0e9256ad9baddc99674bdee6ebcc3b080ca07a8e6e71bbe58a41150de4e9ae3793437e6376efce2c3b2dc
-
SSDEEP
768:AY33UnD9O/pBcxYsbae6GIXb9pDX2t98PL0OXLeuXxrjEtCdnl2pi1Rz4Rk3wsG1:fUxOx6baIa9RZj00ljEwzGi1dDIDZgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
ksmdoe.ddns.net:9999
Mutex
4f2578cb9e1fa1b2379cd6e73394500f
Attributes
-
reg_key
4f2578cb9e1fa1b2379cd6e73394500f
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections