General
-
Target
Server.exe
-
Size
93KB
-
MD5
b7071a1008ce755ea1d9d49573bbd8af
-
SHA1
e9221352026922a6935de37d811af499cf7cec06
-
SHA256
6a17f0d20077d64698dffc77c44dc3a12b86b653375d3adb1f03ad274190a4d8
-
SHA512
fd861c92d33cf79d7ca73cbe0d05035048c6efb6f12c05f6b00f52e5a0c4089d672a2b8a5889252df42bbc090fda11540c7d10783af095f3da3938dba3d8d828
-
SSDEEP
1536:JgZC+xhUa9urgOBPRNvM4jEwzGi1dDfDGgS:JgJUa9urgObdGi1dPr
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
0.tcp.eu.ngrok.io:10266
Mutex
c0edef3577d11ff8fc907a7e196a399a
Attributes
-
reg_key
c0edef3577d11ff8fc907a7e196a399a
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections