General

  • Target

    New Client.exe

  • Size

    65KB

  • MD5

    fa25370820736b67512a9c6afda2be58

  • SHA1

    01183ef3217293216f73958d283c8caea697ad41

  • SHA256

    16fe2ff66e926cbd1789c0bea1afb6b7d376aef2fbc73e496507a85e9a9e86c1

  • SHA512

    1d02f20d93fca6e1efe77b5b017dec428af5dc6ac8daed2dfc30c67dd39405529644427f7e7e06e5dfcd3f1b6a3888a2f7f6ef667647670508365d5196270d55

  • SSDEEP

    1536:t671KqboN36twQviFw1b3kEBnvbgfLteF3nLrB9z3nEaF9bjS9vM:t6hKqboN36twQviFCzpBnMfWl9zUaF9D

Score
10/10

Malware Config

Extracted

Family

njrat

Version

Platinum

Botnet

HacKed

C2

127.0.0.1:4356

Mutex

Client.exe

Attributes
  • reg_key

    Client.exe

  • splitter

    |Ghost|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • New Client.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

