Overview

overview

10

Static

static

10

1384-57-0x...ry.exe

windows7-x64

10

1384-57-0x...ry.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1384-57-0x0000000000A60000-0x0000000000A6C000-memory.dmp

  • Size

    48KB

  • MD5

    ab734360a1da6da4d61ce2e17a46c35e

  • SHA1

    c6db5311cdce17fc38f83a1b2aa4e1916bf13179

  • SHA256

    664bfa637319a3d771a896707360efa3fe76d845ae1ad65eeaa5021edf7ed0e4

  • SHA512

    a48762402431b206dfbf3dcb918d54830e3e70f15e149a801e547013ea7573373c9709b557ab3871e53c188456e966113e07f7a62dfc3c71d251d4ee4516ebad

  • SSDEEP

    384:q8aY1ia0N/IH+WUiWiLcXyUTly2Rc87po6ngB8W+tqlf5mRvR6JZlbw8hqIusZz:f1Re/E+WUiW6ci6NR7tZRpcnux

Score
10/10
hackedtestnjrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKedTEST

C2

chipo.publicvm.com:1177

Mutex

4c71585ab01a8f1344352fb1f26b00fd

Attributes
  • reg_key

    4c71585ab01a8f1344352fb1f26b00fd

  • splitter

    |'|'|

Signatures

Files

  • 1384-57-0x0000000000A60000-0x0000000000A6C000-memory.dmp
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections