General
-
Target
0x000700000002342c-30.dat
-
Size
65KB
-
MD5
fef0fb51e5e35ca9244420c7675bb346
-
SHA1
ed4284dc3642bf59f8301b68b48fbb03ad5387f3
-
SHA256
21f539d71ad30ea865ccf0ee4dfdf6322b4895ce2cf8af67f120c2dfc84af33b
-
SHA512
66ec13dedfad899f29a5676ae6cb06d5eb357a8b31806154d91764069f748f1f4f5eb479211029bc72f0ee7b1dc3628ba5a8bb0a7e376d37bd4d94c18fb0f043
-
SSDEEP
1536:TYU4MoN36tCQviFw1q2tj+BnvbxmfLteF3nLrB9z3nR6aF9bxS9vM:TYU4MoN36tCQviFCTQBntmfWl9zEaF9p
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Platinum
Botnet
HacKed
C2
127.0.0.1:8848
Mutex
SecurityHealthService.exe
Attributes
-
reg_key
SecurityHealthService.exe
-
splitter
|Ghost|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0x000700000002342c-30.dat
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections