General

  • Target

    Server 2.exe

  • Size

    93KB

  • MD5

    ec6bedfc8918668daf892b946d8d8998

  • SHA1

    ee4ef91775da5314e87bda7bd6bdeb6a8479ce0c

  • SHA256

    c661d366b4023b33cbd80de638f69f3784150b1158ea7241bf01ea1f3cdaaf81

  • SHA512

    c1c5829fa03f7b3e4021fec8d051623412e1d7807beb3c144e0e1f148561310289dbb1365ed1e6c031328005e1ae26b15603f90600417ffea14d73a04d384607

  • SSDEEP

    768:8Y3zeZFKghFchQVTqWnwz/1h3XE/blczxXSsvXxrjEtCdnl2pi1Rz4Rk3msGdph3:ne/K6bTq8itNE2VhjEwzGi1dDiDhgS

Score
10/10

Malware Config

Extracted

  • Family

    njrat

  • Version

    0.7d

  • Botnet

    Debil

  • C2

    hakim32.ddns.net:2000

    127.0.0.1:446

  • Mutex

    cc405cae27ac73abb849a970df5f673a

Attributes
  • reg_key

    cc405cae27ac73abb849a970df5f673a

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Server 2.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

