General
-
Target
1900-55-0x0000000000140000-0x0000000000152000-memory.dmp
-
Size
72KB
-
MD5
93cffdc791ab9530387a8a771074b725
-
SHA1
b00a0e1816c27a075f05407007434c6e22c7bf67
-
SHA256
9e6f86f4d42275d884a6e5cf8954d61e228bf807042011fee407b3698be8c6a1
-
SHA512
cec7c292b812bd7a86a15ee588fbe01e258e01c1e5b8d62716e1ed880f7433a3ac63a02c8072e8655b87119362e0fac949c1ccd38f91cbaf6bca2f9d4d960d04
-
SSDEEP
384:tZyHSg98NaIyrLPb3cWESES6ik7azsIij+ZsNO3PlpJKkkjh/TzF7pWns/greT0c:HIywFrzb3cP7QuXQ/oB/+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
5.tcp.eu.ngrok.io:13736
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1900-55-0x0000000000140000-0x0000000000152000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections