General

  • Target

    1508-70-0x0000000000400000-0x000000000041A000-memory.dmp

  • Size

    104KB

  • MD5

    183c0cd2310a732c02ffe705f3894183

  • SHA1

    b32be36d9c060f385bef655fb4539d23fec63450

  • SHA256

    4446dffec75e78d35e0b2a9d090f14c437ec786cce39946b3c7cb31aff4dd2c6

  • SHA512

    e1550cb5559a9c8475cc87b96ff278d7c55c3c6b0a2673c042c0ef6dac0e54e6ab706bdcd87841796bb07eece29a28a7c82b49f2f8398bc766aba239dabc1dd4

  • SSDEEP

    1536:65Y+5clbFdDpmS5wpOk3JCK6pFoHTP6fOpd/9nEh9TGCJOR:/FSQwpOk5CK6XO/9ESCJO

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

duck

C2

hboduck2013.duckdns.org:1920

Mutex

Client.exe

Attributes
  • reg_key

    Client.exe

  • splitter

    1234

Signatures

Files

  • 1508-70-0x0000000000400000-0x000000000041A000-memory.dmp
    .exe windows x86

