General

  • Target

    2588-269-0x0000000000400000-0x000000000040C000-memory.dmp

  • Size

    48KB

  • MD5

    69d86ee1881b51ad90343c9510fc5236

  • SHA1

    b488b678c71299379482b4054827fb42459e5749

  • SHA256

    689bd10befadc6060b09e27095e78bbc664cfac011a12a4a70b5fe6d4f26c825

  • SHA512

    0e3cf48900d861c1e9104488f5adfa65235980548dcdbdad2de3d83c5fba329eb3752483b5c001c315b0ebc18d65c9947e9d538f2e8d6258766058956aad5942

  • SSDEEP

    384:u0bUe5XB4e0X7Od+SjgkMcWTStTUFQqz9XObbG:/T9BuC8SjeChbG

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

nj0509.duckdns.org:0509

Mutex

6ce9672712ba4490be

Attributes
  • reg_key

    6ce9672712ba4490be

  • splitter

    @!#&^%$

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2588-269-0x0000000000400000-0x000000000040C000-memory.dmp
    .exe windows x86

