General

  • Target

    Server.exe

  • Size

    43KB

  • MD5

    7133d91b8cbceb645b8e0c637a2b1a4a

  • SHA1

    f1461fb3646836ea84be36b0369b4cb635bc7c26

  • SHA256

    04648677ce9669c78a16c55c9434867b1cb25d72009c3a1f195601e71fdb2374

  • SHA512

    66d48eb42a34a7b653a87ddf6e593dd2d83ba0d6b6970a5e2717b140f51d3f7f65791a4875a82c3e2c6d2763ceec8e0d85dc3a8be564168452f10e6208257d64

  • SSDEEP

    384:nZyTyFAJ2HytI/jwmwTEUzsQ8qpKz4Iij+ZsNO3PlpJKkkjh/TzF7pWnd/greT0M:Zl2oStYjc1gLqquXQ/oI/+L

Score
10/10

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

data-dakota.gl.at.ply.gg:2094

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Server.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections