General

  • Target

    Server.exe

  • Size

    93KB

  • MD5

    755688ce1460f1e250b96f877e51271f

  • SHA1

    e1a3c94933bcc69b345e946e7cbba14d0b0174b7

  • SHA256

    d5ce93a2947d1999f9821fd43e4e7ffc56d0f4715b37545e680a27ec025972ea

  • SHA512

    d99079460c262ed293494fe7c7a9f4ca58ffd2c291db9d7241aaac967dbbe75612cd0d73bcd2a171386a543d90a166340185da1e2850c63b62f12026097a3d26

  • SSDEEP

    768:MY3CfHWYbIMHrXsZ4mI8eGN/BbEMiDtdXxEGLY2ehVXxrjEtCdnl2pi1Rz4Rk3SZ:mHWMIIR8eGn7Wr42SjEwzGi1dDOxDgS

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

hakim32.ddns.net:2000

since-searching.gl.at.ply.gg:7777

Mutex

ad75a6bc6b0eeb11f2c6794d9bb8e158

Attributes
  • reg_key

    ad75a6bc6b0eeb11f2c6794d9bb8e158

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Server.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections