General

  • Target

    Server.exe

  • Size

    93KB

  • MD5

    fc0dfd29a4d84586844d0a3028610901

  • SHA1

    47dde5a664bc88a375718f92c5aaca935fc78b9b

  • SHA256

    a59b492ddae27385905659ff2fe8ad75cb7acea8ebfe6196122e0d72c033f37f

  • SHA512

    818439ebee6e4644895deacfe6d06929638009f3cdfe8c563b0585963a1d9d12b664fe48e940011bdc251ba39146f54cf1f0a7e779837e0fc532e557116fedf4

  • SSDEEP

    1536:RVjY3SUFKnOr70txlZbgQGXejEwzGi1dDtDWgS:RVM7KnOr70tx0Xni1d57

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

C2

hakim32.ddns.net:2000

tcp://0.tcp.jp.ngrok.io :18505

Mutex

9b904ef50e6f2cbe01e68be504c4186e

Attributes
  • reg_key

    9b904ef50e6f2cbe01e68be504c4186e

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Server.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

