General
-
Target
Server.exe
-
Size
93KB
-
MD5
f6675a418b2c5a731eb55d098ff4811b
-
SHA1
2644b64d63915e3fd4bfe24beb310a093d4f441d
-
SHA256
58f5e810373d4099f4730d5d63ca9bcb9088caa3db3aaa1843fa39230db7abf3
-
SHA512
d32e4962e6a85e5c9f025561d4a8401bc056e82842e792b3fc2c488692beac92b935d46c6be444ad708898595ab200e88f672bf5ea73ac0380d98c6f4f291bde
-
SSDEEP
1536:PdwC+xhUa9urgOBPRNvM4jEwzGi1dD7D1gS:PdmUa9urgObdGi1drC
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
fucked
C2
hakim32.ddns.net:2000
fat-pads.gl.at.ply.gg:35059
Mutex
148a892b37f45e5773518d8932c75e38
Attributes
-
reg_key
148a892b37f45e5773518d8932c75e38
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections