General
-
Target
Server.exe
-
Size
93KB
-
MD5
d4e69f46ac4bd8fb65d2fb60852708a4
-
SHA1
92b82d575a7ec29727477f449b04c4a6e29e52a4
-
SHA256
7197c0f6310135ffe9e34af0c013bce6443d705659ab35310b052f2f5ea43e0d
-
SHA512
d90d5a09024a44a3e647081e5a1642c78b14061f41590f07e69b625a406397bac471091314f07d51c81d13c97625abdf787d0b6405125b9c38dc356ad6b0271f
-
SSDEEP
1536:v5rnEoSnsqS5ut/YMR8SjEwzGi1dDqDEgS:v53SnsqS5uVYM+7i1d09
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
85.234.6.210:1337
Mutex
b4b0e85f0431d892cccef3603f549d76
Attributes
-
reg_key
b4b0e85f0431d892cccef3603f549d76
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections