General

  • Target

    Server.exe

  • Size

    23KB

  • MD5

    1011ca14bd55e56a16a393744aefcc47

  • SHA1

    912b56d8a53e77db250a904c68afb00f39a98429

  • SHA256

    1048b9978e4e8d928c8f5c057c0c1ac6213b4f456b6cf83558e213742f780bea

  • SHA512

    e093b3d79e56691637bf00cf4d1610a3891b7f9501d9874a3ed5fd8f2056a758f6e3270e9435cbe02cf5c2cb37bc07436959d402f76ef11173f93545229d73b3

  • SSDEEP

    384:FweXCQIreJig/8Z7SS1fEBpng6tgL2IBPZVmRvR6JZlbw8hqIusZzZVT:aLq411eRpcnuq

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

20.ip.gl.ply.gg:17798

Mutex

b86f87cbaaa618da21a2bbbc7c7dfc60

Attributes
  • reg_key

    b86f87cbaaa618da21a2bbbc7c7dfc60

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • Server.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections