General
-
Target
2400-55-0x00000000002A0000-0x00000000002AE000-memory.dmp
-
Size
56KB
-
MD5
b255b36a34385df39e59ea66714b4fee
-
SHA1
0e8c4ab01ae986c5b07141033931c8db43084bed
-
SHA256
a94b31d172b6b0717afa4493b432f9322a04e6ebd9e0cccd605e04b31ec99f2b
-
SHA512
7288cb7bc0441d8d7378737adfd556a43dc507dc82dc0d561c6d1d180006727ed1b3ba41a8084215dcf890f2f45a62cd9fa132d4902ff158a9dc7e71c86e17fe
-
SSDEEP
384:fL7qxzDGoEXHWtyXc0gCQP8thFMAAQk93vmhm7UMKmIEecKdbXTzm9bVhcaB6ZrZ:TuFy4pFAA/vMHTi9bD
Score
10/10
Malware Config
Extracted
Family
njrat
Version
v4.0
Botnet
uopfff
C2
212.ip.ply.gg:17869
Mutex
Windows
Attributes
-
reg_key
Windows
-
splitter
|-F-|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2400-55-0x00000000002A0000-0x00000000002AE000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections