General

  • Target

    Server.exe

  • Size

    93KB

  • MD5

    a60a4d9776ab38aee2bc196c249ecb80

  • SHA1

    42394e6d0afcfd0757b21a596be4108cb6b1e3fb

  • SHA256

    221b0372775de487a0fd7f3f2657945d711973a04b95b0fdd6c56cc703966519

  • SHA512

    40817ca7161ddcbb000c1edbfdf32a278d61493a81132534a167ff2b4b2d0e0c50c4bc4a9f39f389cfa57eb8b74f9e390ac5329b23a24e3be2671cd7d8fd6be6

  • SSDEEP

    1536:5UPTr1IDavlZhbSKl9YdjEwzGi1dDXD4gS:5UPSDavlZIQmqi1dvh

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

TrapNET

C2

hakim32.ddns.net:2000

regional-mechanical.gl.at.ply.gg:19194

Mutex

51b6a75761673b84838f8163ee45ea84

Attributes
  • reg_key

    51b6a75761673b84838f8163ee45ea84

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Server.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

