General

  • Target

    ft.server.exe

  • Size

    37KB

  • MD5

    e481569ecba8befd9971a1644b1a6f0d

  • SHA1

    e22e7b39866702efd0772fa96511ff871ad50781

  • SHA256

    1275aa3de74112f8fd4aa2bd856fccb732cf337edadc3e92a7e11b732775f53e

  • SHA512

    6ca77b99afebca543006c3e7dab63a24059a4d5cc18cd6fd8d2fe1a9c864823a3789a90ce4e94d2d67523bbd9a006ab487b62f44a8bf3bd5d985a5a0744d4191

  • SSDEEP

    384:yINyQilEhHeTnMGiyMTp4vrijPMIvrAF+rMRTyN/0L+EcoinblneHQM3epzX/Nrj:1NHSMGxMTp4ubM+rM+rMRa8Nudrt

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

C2

7.tcp.eu.ngrok.io:12891

Mutex

04bb0b110981cae57c5751025fdf1d83

Attributes
  • reg_key

    04bb0b110981cae57c5751025fdf1d83

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ft.server.exe
    .exe windows:4 windows x86 arch:x86

    Password: 123

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.