General

  • Target

    Server.exe

  • Size

    37KB

  • MD5

    c421a92b2889871191d33a8a04d97ce0

  • SHA1

    39931c2c83520838c6ae48f5f3d178b8dcdda453

  • SHA256

    cee57b33d9a14bfa7d99377f01de76e84866d56502b0a39ba864f23694361f99

  • SHA512

    848c6e28d70a1196378944ca06f12d7dd18c8b1591035271bb21d25f028b98fb70a49c63b14f578c806230095836345bb8ac37ba6c2477455c430774b9c6bfbf

  • SSDEEP

    768:ykcNwMslUV0bwO/+i8airM+rMRa8Nu3Qt:yH0lU6x+ixd+gRJNU

Score
10/10

Malware Config

Extracted

  • Family

    njrat

  • Version

    im523

  • Botnet

    ctfmon

  • C2

    4.tcp.eu.ngrok.io:12138

  • Mutex

    c75d7fe7b676826b38271224a9b87371

Attributes
  • reg_key

    c75d7fe7b676826b38271224a9b87371

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Server.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

