General
-
Target
46cddbe0ce9c4e9a31919ea4638ea5f4932893d81be8068b891324373db1a55bN.exe
-
Size
39KB
-
Sample
241124-v7jkfaxlaq
-
MD5
9d58045840961c76837895d303b5e7b0
-
SHA1
dcfbd3c1a678eaf20b20428ee2953023e4e3bbf7
-
SHA256
46cddbe0ce9c4e9a31919ea4638ea5f4932893d81be8068b891324373db1a55b
-
SHA512
f482b84ef274198c75990ffd3476c0b11c55ca9978eac379e6c3616412a258832d36c34d0812f5839fc82c6be0f47c88ee28e8a9c690fa4927bbb26ad916146c
-
SSDEEP
768:VvASIisql251c6opnV0jZJ/s8B8RnVMZ8pBz3bdHUCRKSBsL+DEplyLnEI:inql2ncFpngZFsrKcZRKSCL+D+w/
Malware Config
Extracted
njrat
Platinum
loshara
127.0.0.1:80
Client.exe
-
reg_key
Client.exe
-
splitter
|Ghost|
Targets
-
-
Target
46cddbe0ce9c4e9a31919ea4638ea5f4932893d81be8068b891324373db1a55bN.exe
-
Size
39KB
-
MD5
9d58045840961c76837895d303b5e7b0
-
SHA1
dcfbd3c1a678eaf20b20428ee2953023e4e3bbf7
-
SHA256
46cddbe0ce9c4e9a31919ea4638ea5f4932893d81be8068b891324373db1a55b
-
SHA512
f482b84ef274198c75990ffd3476c0b11c55ca9978eac379e6c3616412a258832d36c34d0812f5839fc82c6be0f47c88ee28e8a9c690fa4927bbb26ad916146c
-
SSDEEP
768:VvASIisql251c6opnV0jZJ/s8B8RnVMZ8pBz3bdHUCRKSBsL+DEplyLnEI:inql2ncFpngZFsrKcZRKSCL+D+w/
Score10/10-
Njrat family
-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Drops startup file
-
Adds Run key to start application
-