General
-
Target
Server.exe
-
Size
93KB
-
MD5
bc2f59b1237f9ac51326492d1d4fee95
-
SHA1
1026a139001ff7ed14d0fce28f62e319ab3cf9db
-
SHA256
f75aeb976afe818d8a81139a1ff296c340929654745828fb4e7e6cd2c91b8947
-
SHA512
b1800b8d7d41c280571a30f39da694797159850df0144cdbcb67e06e71d3bba363fe9613fb4a5e59004304152effef9d3ab1d863f13fe9291a216db6972486c1
-
SSDEEP
768:qY3n2CasdE1chQlnLY4dUz7ar6D6XKDsZ/of6EqXxrjEtCdnl2pi1Rz4Rk32sGdL:B2HsiPnLYV1UVoIjEwzGi1dDSDtgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
Retard
C2
hakim32.ddns.net:2000
teaching-wireless.gl.at.ply.gg:39289
Mutex
1ef988936acfa4fd41907d9044e3f5ff
Attributes
-
reg_key
1ef988936acfa4fd41907d9044e3f5ff
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections