IOCRadar

d43b170b2823f13d0be00cdb7e21a1587e058f6b4a59f9db6e3cf00d15f83127

Suspicious Hash
68.29%
SIGNAL STRENGTH: Slightly Noisy
FIRST SEEN: 2024-12-23 18:36:28
LAST SEEN: 2025-04-26 12:32:12
CATEGORY
malware
malicious activity
operating system-specific attack (windows os)
attacker
credential access via malicious process replacement and injection
credential harvesting via lsass compromise and potential malware disguise
win32 malware
MITRE
T1059 - Command and Scripting Interpreter
T1134.001 - Token Impersonation/Theft
T1003.001 - LSASS Memory
T1003.005 - Cached Domain Credentials
T1003 - OS Credential Dumping
T1068 - Exploitation for Privilege Escalation
T1134 - Access Token Manipulation
T1555.003 - Credentials from Web Browsers
T1555 - Credentials from Password Stores
T1134.004 - Parent PID Spoofing
TAGS
remote services
credential theft
command and control
threat actor
credential access
distributed attacks
privilege escalation
malicious software
vulnerability management
windows malware
SOCRadar AI Insight

The detection of SHA256 hash d43b170b2823f13d0be00cdb7e21a1587e058f6b4a59f9db6e3cf00d15f83127 signifies a potential malware infection within the environment, demanding immediate attention. Multiple threat intelligence feeds, including Cyber Threat Alliance (CTA), Abuse.ch-Hash, SOCRadar Threat Exchange Services, Maltiverse Hash List, FileScan.io - Malicious, and AlienVault OTX Feeds, have flagged this hash as malicious. Analysis indicates an association with njRAT, a remote access trojan (RAT), capable of a wide range of malicious activities including keylogging, credential theft, and remote system control. A successful njRAT infection can lead to significant data breaches, system compromise, and disruption of business operations, potentially causing substantial financial and reputational damage. The presence of this IOC warrants a high-priority investigation to identify affected systems, contain the spread of the malware, and eradicate the threat.

Summary

Hash Type: sha256
MD5: -
SHA-1: -
SHA-256: -
Files: d43b170b2823f13d0be00cdb7e21a1587e058f6b4a59f9db6e3cf00d15f83127.exe
File Type: exe

Top Classifications

Campaign: -
Industry: -
Country: -
Region: -
Threat Actors: -
Malware: -

Feed Sources

Feed Source                          Count   Date
Cyber Threat Alliance (CTA)          1       2024-12-23
Abuse.ch-Hash                        1       2024-12-20
SOCRadar Threat Exchange Services    1       2025-04-26
Maltiverse Hash List                 1       2024-12-20

Threat Activity Timeline

Last 24 hours: Dormant
Last 7 Days: Minimal Activity
Last Month: Minimal Activity
Last 3 Months: Minimal Activity