General

  • Target

    Servertest.exe

  • Size

    29KB

  • MD5

    2ad96847e362b0605d8b0d66aca489d4

  • SHA1

    56e4f4d611eebdd160fd83ed27e8969bda6838ee

  • SHA256

    d6963effaed4603f369eb379c85dab05de85717d220ca95db548f4f1cc109cdb

  • SHA512

    041a32a88e2ba7c3effcf3cdc941613296e3651dd4ee3d9907bdd6090c4450e8da8056c3ada0886816ca8971a9cc2121f7a4add16436d0df4473646ab2d9bc8c

  • SSDEEP

    384:1RWSNl7XNZossquAPJ5zylqbmGmqDc5ne4qGBsbh0w4wlAokw9OhgOL1vYRGOZz4:1l7DossnAhuqb4qcneIBKh0p29SgRBa

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.6.4

Botnet

HacKed

C2

a5c68dc3d407a6bb52a2b69f65f17c3e.serveo.net:4444

Mutex

5cd8f17f4086744065eb0992a09e05a2

Attributes
  • reg_key

    5cd8f17f4086744065eb0992a09e05a2

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Servertest.exe
    .exe windows:4 windows x86 arch:x86

    Password: cxvxcvxcvxcvxcvxc

    f34d5f2d4577ed6d9ceec516c1f5a744

