General

  • Target

    Server.rar

  • Size

    16KB

  • MD5

    e8a8d7bbbe9a77f2fd483f20e878dc56

  • SHA1

    1db8a7d9da8e02aa55d1388f9ca599e9e0767ed5

  • SHA256

    45a92bf914780104b276916d0cc2ca9a03ffbfbd34d0a4c661190c7aadc50027

  • SHA512

    07a7650326946d2e1774259fb753b5205af7622d264e390a9dcc66c170c39fed65adc0151a15643e5d0302db3ab592cb74a9a0082d63ed72e3a7072239b67c16

  • SSDEEP

    384:IndV7G60Ihia7wFXf1xz7C2jc6JA7HaTbes+jC/AuC:In77BPhiac9xz3c6JA7Js+jC/AF

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

d-temporary.gl.at.ply.gg:5900

Mutex

52e1079b6ec9329bd803646866e40ac5

Attributes
  • reg_key

    52e1079b6ec9329bd803646866e40ac5

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Server.rar
    .rar

    Password: 5900

  • Server.exe
    .exe windows:4 windows x86 arch:x86

    Password: 5900

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections