General
-
Target
Server.exe
-
Size
93KB
-
MD5
c0140c73172f0814dbb32f0921cee92c
-
SHA1
b56ef1a9df07ca886c2dcea9fbf5ab9ec3f2f729
-
SHA256
a5079f4f65eaa837509d71264467c570729a569b117d9a6cc53e61cd1ff36c0c
-
SHA512
22951cbd29dfaf681f80b07fb92d54d93e226c3f3d68fb9d9471b58016cae26cd3121f99a29d8484db6295e141671d04af047dcd0e15535fa9c029fce86c5e92
-
SSDEEP
1536:VomZylozW+y1TMCY2GwNjEwzGi1dDSxD0gS:VomvW+MMCjB6i1dst
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
insurance-helmet.gl.at.ply.gg:31388
Mutex
7e94b452d537da01e083244b8e3ad85a
Attributes
-
reg_key
7e94b452d537da01e083244b8e3ad85a
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections