General

  • Target

    1528-147-0x0000000000400000-0x000000000040C000-memory.dmp

  • Size

    48KB

  • MD5

    32cca00c4fe985b1b31ed2ce39709991

  • SHA1

    4263ad28b4a3ff9bae53fd5c18cd5b4c4aab8c2e

  • SHA256

    b3fd135c28239220cdd81293f5a804ceb63c187de36f4c339e66542146821b43

  • SHA512

    35eeae85c35059b230ba10146f7d9da31d0fec0be2b5e218ba1d58e22c559c04617b0b6f245ed52e9634185cc9f86535e6e26fbf5c47e72dc597836ad19edc0e

  • SSDEEP

    384:/0bUe5XB4e0X9OxUc6WQzyWTJtTUFQqz9MObbj:0T9BuEucrQp2bj

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

njnjnjs.duckdns.org:35888

Mutex

6515f0beea

Attributes
  • reg_key

    6515f0beea

  • splitter

    @!#&^%$

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1528-147-0x0000000000400000-0x000000000040C000-memory.dmp
    .exe windows x86

