General
-
Target
4012-119-0x0000000000400000-0x000000000040C000-memory.dmp
-
Size
48KB
-
MD5
9021a582e6cb55ed94fc78045ec649bc
-
SHA1
346851090771ffb7e41b734c7d721550567f9974
-
SHA256
d9fb07f7b5fa8d03e5498c7e2ff1cdea04bab09a648829c05b49f5d0bdc559cd
-
SHA512
77e4e3305af22f815f282ed8df1296629fe811c9c2749e6f5216d5d3da7127d29ae68a4034bba782ee7a61085e8640bee190e03d2082607c1f956ce56c676536
-
SSDEEP
384:q0bUe5XB4e0XWOlWggUBZIG0WTItTUFQqzFSObb0:zT9BuFwggUBZIL4b0
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7NC
Botnet
NYAN CAT
C2
respaldo2424.duckdns.org:9090
Mutex
c959d74c7c9745cb
Attributes
-
reg_key
c959d74c7c9745cb
-
splitter
@!#&^%$
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4012-119-0x0000000000400000-0x000000000040C000-memory.dmp
Headers
Sections