General
-
Target
Server.exe
-
Size
37KB
-
MD5
5a4dae19d3d1bdd2d0981af319ee67df
-
SHA1
b8d6bca6d3d3c030b79e7af2e74894b1c0887a58
-
SHA256
ec0cead51ff2056d1505981d1d71d491444caa99f95ab0d060f96941448b18aa
-
SHA512
0aa31b94462569a64aecbe1d4ec2ed5f02e2018659c08917ca7def5cc864f2ec21db74dd744ca7d3ab99679cd4877976bb96b224e49cf03996f82a74b2b281f4
-
SSDEEP
384:+7d6UiDdblmJEpRGyEfLZf5ugCYayNFrAF+rMRTyN/0L+EcoinblneHQM3epzXiK:SdiHpR9EfLZcgClyfrM+rMRa8Nuwut
Score
10/10
Malware Config
Extracted
Family
njrat
Version
im523
Botnet
svchost
C2
unit-latinas.gl.at.ply.gg:4041
Mutex
fed81a89969583309edb3940876a315d
Attributes
-
reg_key
fed81a89969583309edb3940876a315d
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections