General
-
Target
hkjgffghjmndfghjkmn.exe
-
Size
214KB
-
MD5
ff597c410849c7990349bc95fc699a6a
-
SHA1
ae95a9414774ffbda7ca417df206c80b66bf93fa
-
SHA256
1a3113c913b5e7c840c17d3c63a66fa32ea62aae5e4da54aac3488b520e3ed15
-
SHA512
b9b09ec63f15bb0464cc02c280fa016cecd5eb90c84ab67c71b2c9db10539e3c6ea3bf575ecba62336d29c41985bd92d82d572bb1b9d80bce8e8e1c2efceb7c8
-
SSDEEP
6144:U/z9zavM92B+64kQ2EJam2dNREz9FdOZMJwGuE4QyZom8exsrPR5TE7D0XuDTTo6:U/8s2B+64kQHam2dNREz9FdOZMJwGuEu
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Platinum
Botnet
HacKed
C2
127.0.0.1:17155
Mutex
Client.exe
Attributes
-
reg_key
Client.exe
-
splitter
|Ghost|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
hkjgffghjmndfghjkmn.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections