General

  • Target

    Server.exe

  • Size

    93KB

  • MD5

    bb3fb4c6cf26e4c493e408d0edb5e829

  • SHA1

    88da923e8d993a87b8d8970b54f774b47e2b1dc1

  • SHA256

    c52b9ffe033d174b2f93b44280c637e8fed9ec36cbf0a391c72a4e421830c6eb

  • SHA512

    4d911914d49355b0ebe006b686dd6075b3ba1aa3aeb6425846cd5203d94683f33cbe44cadf909cd68577e404d628e0bfca6fa33b31dc2f668b5673d6446128c7

  • SSDEEP

    1536:MO9r7EkrjaFIs7E5OxFJn8LjEwzGi1dD/DKgS:MOhjau5OfVni1dXP

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

hakim32.ddns.net:2000

cnet-contracting.gl.at.ply.gg:10206

Mutex

f660f38bbe0ae15ea88c354f03adbfdc

Attributes
  • reg_key

    f660f38bbe0ae15ea88c354f03adbfdc

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Server.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

