General
-
Target
Server.exe
-
Size
93KB
-
MD5
2c6c97a98e4d453076c54315d90d341b
-
SHA1
7dcf69380c76921a17785c45632cff615a309e2b
-
SHA256
cb9b090441ac40dc171302815bb209809656d47238f8a7ba29e97807d385700f
-
SHA512
13b2360b78c8bb367b6d8ab98534d02615ba93bee3e39576dc51514b631f5518e9e8456acaa453ce8030902883ccfb60949d267da4de498d3b2132dc705c905c
-
SSDEEP
768:MY3TVnD7O/pBcxYsbae6GIXb9pDX2t98PL0OXLeuXxrjEtCdnl2pi1Rz4Rk3TsGx:fVvOx6baIa9RZj00ljEwzGi1dDfDVgS
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
hakim32.ddns.net:2000
127.0.0.1:9875
Mutex
bc259c119d8e97ce9b9d49b85dcd4a83
Attributes
-
reg_key
bc259c119d8e97ce9b9d49b85dcd4a83
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Server.exe
Password: 1234
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections