General
-
Target
Server (1).exe
-
Size
93KB
-
MD5
17fad1309e42de8a6f4b866d09c414eb
-
SHA1
0496851effef304f121111d9aae7e3154b2556bb
-
SHA256
a61ece0fc679c88ec5c41aa004befb938feb72d7eee078fe6adb7621dbf9aa6c
-
SHA512
cecc93bcf7fda98c9eb6e429be6ce4d184d02f130b1d42c9b3b7b570fca024a3b6164b0c70c7b626362fe7e4533349e49f157b2ef76b963727ea709923971c14
-
SSDEEP
1536:1GbJD/HBZbszKu9AZpd7r1jEwzGi1dDpD6gS:1GqzK4AZ3HCi1dt/
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
94.131.109.101:5552
Mutex
aa276fc1974312c54b828f06233901ca
Attributes
-
reg_key
aa276fc1974312c54b828f06233901ca
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server (1).exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections