Overview

overview

10

Static

static

10

1912-65-0x...ry.exe

windows7-x64

1

1912-65-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1912-65-0x0000000000400000-0x000000000040A000-memory.dmp

  • Size

    40KB

  • MD5

    f937b13469902b1d405e870cc1b60af2

  • SHA1

    34a7eaf92804ec2a27f3874c46b0966bae604b98

  • SHA256

    95e939e7b33631ae3e6d55d9a2be3428939c9cbc2d1129a0e92c3918126f9fd0

  • SHA512

    926ef10fe4ef25bd873d076ec7421583ece753dc7963deff6ce8c227dc675835591c513f53bd323492b70f554b3faff4c792236091756e16a14a9c3117409a8b

  • SSDEEP

    384:/QeCo2zmZbQHkJeCdUwBvQ61gjuQBnB9mRvR6JZlbw8hqIusZzZ+Fp0:g5yBVd7Rpcnuk

Score
10/10
frnjrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

fr

C2

francia.ydns.eu:5553

Mutex

8721754955d2136ee214cac4b72b7338

Attributes
  • reg_key

    8721754955d2136ee214cac4b72b7338

  • splitter

    |'|'|

Signatures

  • Njrat family
    njrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1912-65-0x0000000000400000-0x000000000040A000-memory.dmp
    .exe windows x86


    Headers

    Sections