General
-
Target
Server.exe
-
Size
93KB
-
MD5
77569c49188ab04b3ed8fef0dfbef2cf
-
SHA1
413db869e07385a42e1f9a1209822fa41ec8cf8a
-
SHA256
dee23e85d531e80655457b017752bb99378ba91819e5a85ccf9343a1094a1a4c
-
SHA512
ea2b7c6e94f0559f9d1ac48f797e4fe40849e531088cb4a145247d6ad9da9488f2ce1acf0f7384ecf7df8fb5165470919de75e12cd2bf554d47cde14853ffe2a
-
SSDEEP
1536:RGbJD/HBZbszKu9AZpd7r1jEwzGi1dD3DEgS:RGqzK4AZ3HCi1dn9
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
paper-cancelled.gl.at.ply.gg:51045
Mutex
7771b946967346d29becdca43bc7858a
Attributes
-
reg_key
7771b946967346d29becdca43bc7858a
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections