General

  • Target

    Server.exe

  • Size

    37KB

  • Sample

    241118-xkxjwsxphl

  • MD5

    795b0a8aa2ac4a21877b1d607044398b

  • SHA1

    1dff34c9fca1a0c5b3ebc4373d07a077d786ca57

  • SHA256

    171f09e74ab03fdb4ee1588296f216820fb8fde118d1f7ff65610ef02b72fea8

  • SHA512

    1a348f2b5bf84472bebaa3b2532ee04decb4447d8a712b8ebadd2452e168988e06b191916d1aa32c176aa5bab2a68952c6542e5f56f6167c85eefe44e8b25256

  • SSDEEP

    384:JmQkkmSiUBFgdnP12ywjrlSxbPF08uCXTrAF+rMRTyN/0L+EcoinblneHQM3epz8:sQkki91twjrlSheFCjrM+rMRa8Nu0/t

Malware Config

Extracted

  • Family

    njrat

  • Version

    im523

  • Botnet

    neger

  • C2

    mingrelian.duckdns.org:4444

  • Mutex

    65289bac35b428299fc3c65f033c35f1

Attributes
  • reg_key

    65289bac35b428299fc3c65f033c35f1

  • splitter

    |'|'|
