General
-
Target
b9e65b2ce06650e120bcbbb878a02d8ad952fc4c6b4a89420d878b775c3a41d0
-
Size
123KB
-
MD5
f44db3a3fff285ec8b173833aa8df6b2
-
SHA1
1263ca9e696083a2f9af276dcfa2237206ce7ba1
-
SHA256
b9e65b2ce06650e120bcbbb878a02d8ad952fc4c6b4a89420d878b775c3a41d0
-
SHA512
852fb12f3a228a4b035b3a770e10a13c8d5aed510cc5054634edf9eb6b01fc5c129d954588d3963c2c6bb4756b6b1cca64f52066f761ff553c7764ef2a346681
-
SSDEEP
3072:9HiSkoN36tnQviFCJKBnMfWl9zDaF9bGYvMH:9l69zKvM
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Platinum
Botnet
дюп на ресы
C2
127.0.0.1:54720
Mutex
svchost.exe
Attributes
-
reg_key
svchost.exe
-
splitter
|Ghost|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
b9e65b2ce06650e120bcbbb878a02d8ad952fc4c6b4a89420d878b775c3a41d0
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections