General

  • Target

    2584-315-0x0000000000400000-0x000000000040A000-memory.dmp

  • Size

    40KB

  • MD5

    228c97138fd2832d173ea9fe6a469a4f

  • SHA1

    c156fae1e42a6ceda44ba2839aa41bee31a9431e

  • SHA256

    eb6d14d283596e976fdf3f005692a8a892be6fb096492958be6c5073048e1783

  • SHA512

    7ff0cfb7c00231d9048b778306a2e8a97d365e8ea4e7409f4be303a00f527754c0378988ef3668a05af9a72e0439195c4f27878336f46fbde07a9a5fe49dd4a1

  • SSDEEP

    384:fQeCo2zmZbQHkJeCdUwBvQ61gjuQBnB9mRvR6JZlbw8hqIusZzZ+Fc:A5yBVd7RpcnuG

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

fr

C2

francia.ydns.eu:5553

Mutex

8721754955d2136ee214cac4b72b7338

Attributes
  • reg_key

    8721754955d2136ee214cac4b72b7338

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2584-315-0x0000000000400000-0x000000000040A000-memory.dmp
    .exe windows x86

