General
-
Target
0x001000000001223a-57.dat
-
Size
65KB
-
MD5
7512d672a1aa2990358a8edb98b8756e
-
SHA1
0240bd7397bfd80fe13df3039122c0802a71c5cf
-
SHA256
fffab737446fb972d49ddc851cfcd103323f499b54ee99ceeba2dbfa0cc46877
-
SHA512
2a6ad544c6e8b9bd6c0a87403c1f4c0cc4e1330f36e64c409701818948a8a71c62691b23dc6debd8fc9b5a0950e4479c5001c64152b712d330347d8bfcaf08b4
-
SSDEEP
1536:hSY8joN36tdQviFw1cwYmBnvbpfLteF3nLrB9z3njaF9b/S9vM:hSY8joN36tdQviFCP/BnFfWl9zzaF9bj
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Platinum
Botnet
Lox
C2
127.0.0.1:27486
Mutex
Defender.exe
Attributes
-
reg_key
Defender.exe
-
splitter
|Ghost|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0x001000000001223a-57.dat
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections