General

  • Target

    Server.exe

  • Size

    23KB

  • MD5

    eec3e4c86729b800330a8b0312478e58

  • SHA1

    93110b4284258f34d73a14c329623be1f1cffb9c

  • SHA256

    4e9e0a6041a348e713a6b919cb7f2e0754dd22cb046e1b1ef0e222543038e9ab

  • SHA512

    e0cf6aa0110de1eed199ed0c63c5622067f20347ed66a12fb8933b92935699687ecc690ca2d7146a6ceee3f0431563d53c4d988a40dfa8ea29adde5ea5a52a25

  • SSDEEP

    384:qYmdk8XvCJrQLdRGSiEYo7Y65gPyx6BDXNRmRvR6JZlbw8hqIusZzZy3ly:9wWkti8aeRpcnuL0

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

cnet-contracting.gl.at.ply.gg:10206

Mutex

cf2a6cabb60ab913a0c3e3caa2c47947

Attributes
  • reg_key

    cf2a6cabb60ab913a0c3e3caa2c47947

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Server.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections