General
-
Target
Server.exe
-
Size
37KB
-
MD5
49a921f211a88e7b6452ff0db36fbc4a
-
SHA1
87a6cd05446eb3f233f48c0c2f115925b969ba3a
-
SHA256
ab90d7950da41dba96d219ce4497722bb0c8b4aeaf385c80502c545b227b69b1
-
SHA512
70928a6bae9e6f7499414a76f8636b9a6557ec14b1374cdd0546a243f3c2f8d9d126a097082229de3aab3b3b472e33cc928f4ba6ba3c376191d2a48def3bfee1
-
SSDEEP
384:3cn11rCiMH3jBVbJsy8P5MbAoxv/vvQ6kxOrAF+rMRTyN/0L+EcoinblneHQM3ea:snKbJP8P5AAiH1kErM+rMRa8NuZ0t
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
HacKed
C2
cars-fraction.gl.at.ply.gg:29545
Mutex
754b9f121410300c0c4419382472a000
Attributes
-
reg_key
754b9f121410300c0c4419382472a000
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections