General
-
Target
Server.exe
-
Size
93KB
-
MD5
ab5cdf32f239f35cdf49a0fb30c4eb8c
-
SHA1
24a5ac3d07eeb17e1a9b524d351fb621fd23e3a5
-
SHA256
65152d663eeac6c042a32ce33c67d901d8eadb0ad2430ad7eff720501b2aad39
-
SHA512
80f57d04d13d3e947d0d8121e30fee6fc5c031c519e9d389f312aa479f3bdbfc0dde7a455cd12cbf36ce216c3eb2cabde276114b92c70901d2751f831bcf1389
-
SSDEEP
1536:W62C+xhUa9urgOB9RNvM4jEwzGi1dDwDDgS:W6wUa9urgOtdGi1d+8
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
Dalbaeb
C2
hakim32.ddns.net:2000
peter-tampa.gl.at.ply.gg:14640
Mutex
c1636099e37d5b7bda4a720146bfb5ab
Attributes
-
reg_key
c1636099e37d5b7bda4a720146bfb5ab
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections