General
-
Target
New Client.exe
-
Size
214KB
-
Sample
240104-xhtp8aghgq
-
MD5
7ccd7ac0f9cb04a6760d3a4d6a919ba2
-
SHA1
91b3acfc87e5adb43c440e8e9fc5700c0aa7948a
-
SHA256
b2d371dd4e9dde0297cf4292a0b19f093b89e2e2b679458a28189115af82c1ea
-
SHA512
78146807b04f37c65c4ee61897d01bdde40c35a84abba9e14b4b22397e361ebe70e271b0def323b718102201ed131f2daa6c56debdda7418d0ff510cfd5f3536
-
SSDEEP
3072:fug0YNoN36txQviFCix4BnefWl9zdaF9blYvMaR:fbxO9zTvMaR
Behavioral task
behavioral1
Sample
New Client.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
New Client.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
njrat
Platinum
YT
127.0.0.1:12107
browser.exe
-
reg_key
browser.exe
-
splitter
|Ghost|
Targets
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-