General

  • Target

    2680-272-0x0000000000400000-0x000000000040C000-memory.dmp

  • Size

    48KB

  • MD5

    ffec0812ddb38490668c57d35e29f246

  • SHA1

    fc509ac4c83403cc0b1166ecb74d93ccdefa68ce

  • SHA256

    7ea45afd8efeada90ce6c2bc9fbd03979576c2fe511dd4e8f2f5e805c9c53901

  • SHA512

    1700377a4848aa96cd4e989a28246cf150a08ac6895164698172f52454020a0901e00f40ca79fafffee2c0938bb25961de9adc550a698fe288eff4607292ae9b

  • SSDEEP

    384:+0bUe5XB4e0X7Od+SjgkMcWTStTUFQqz9XObbG:vT9BuC8SjeChbG

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

nj0509.duckdns.org:0509

Mutex

6ce9672712ba4490be

Attributes
  • reg_key

    6ce9672712ba4490be

  • splitter

    @!#&^%$

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2680-272-0x0000000000400000-0x000000000040C000-memory.dmp
    .exe windows x86

