General
-
Target
New Client.exe
-
Size
167KB
-
Sample
240621-t7hsgasamm
-
MD5
c017d1590a20182b9c028bd430457ff2
-
SHA1
c2b52c16527033b33b2df817f5b3ba9032e19b94
-
SHA256
8c13863ad14033c2a65fee9e8f5411a842cbe4a9f1ac54f0e2b818773653e341
-
SHA512
c3e9300c8b01fce85e555c2c3838deffb1c2fda335ceb2b51d040855e2b0ede4e41e1d97a406b1eba6b2f3ef4c0a5aef5c0588d77248bdf5aeafb0c7034412f9
-
SSDEEP
3072:epeOfoN36tLQviFCu9Bn8pfWl9zoaF9b7YvM+UJ8T2SXZyrgoBJtbN/3MCK2kev0:ed79zKvMA/JdSI5eb
Behavioral task
behavioral1
Sample
New Client.exe
Resource
win10-20240404-en
Malware Config
Extracted
njrat
Platinum
LOX
127.0.0.1:17524
Microsoft Edge
-
reg_key
Microsoft Edge
-
splitter
|Ghost|
Targets
-
Target
New Client.exe
-
Score
7/10
-
Drops startup file
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-