General
-
Target
New Client.exe
-
Size
329KB
-
MD5
9202baa178d24e6fa0eb45262ac7e16a
-
SHA1
e45b9ed7c3ebd6b7994dc5de645b2a248ad3f770
-
SHA256
6c7c1efa3c4deb1fd07a04620a62183054c99d65918d9fc7858f8005b61e0655
-
SHA512
0ad8b21d9fefcd42b82c60801c1e65381ec769ffa032496a4648917e2f5fb6ce94fb602776c39d9ecbaa01b48fdfbf2f4fef0135d178a8b5cb7c18d2f6952c5a
-
SSDEEP
6144:z1g9zWvMmbhoLVOT/FtBkFHS4bnb5Y1C54hP56eya4oPbLZzXHgTbM0Ckc6D+Kl2:z1NXbhoLVOT/FtBkFHSwnb5Y1C54hP5x
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Platinum
Botnet
Slave
C2
127.0.0.1:11883
Mutex
sys.exe
Attributes
-
reg_key
sys.exe
-
splitter
|Ghost|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
New Client.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections