General

  • Target

    f997f9bb36f5eb51a34c8b8ad00e9c4532297bf9b27a5596dd1ba6c164fb05d8

  • Size

    23KB

  • MD5

    10ba80420de962b1e93dd3f47691acf7

  • SHA1

    dc92bf5a724c497ac680abb22a8a1d5475b4cd25

  • SHA256

    f997f9bb36f5eb51a34c8b8ad00e9c4532297bf9b27a5596dd1ba6c164fb05d8

  • SHA512

    707a49331f64a57210ecbba008fdb5521aeb73dc614fff7701aad99faf51a69b17e8994f3ed1b2745d4f4bcc942c33a081c6ffd28b3adf90a333099fe58fed32

  • SSDEEP

    384:tqMKyOkBkRbohza8yuTUt7u06zgV4a5pzomRvR6JZlbw8hqIusZzZ0X:H/YI1T0RpcnuR

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

The Ghost

C2

127.0.0.1:777

Mutex

f5a19805427bbfa56254a9812c781075

Attributes
  • reg_key

    f5a19805427bbfa56254a9812c781075

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f997f9bb36f5eb51a34c8b8ad00e9c4532297bf9b27a5596dd1ba6c164fb05d8
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

