General

  • Target

    2804-56-0x0000000000400000-0x0000000000412000-memory.dmp

  • Size

    72KB

  • MD5

    c83c1b04ff5393c43f72a2333211d89e

  • SHA1

    3db4dea0a66e17e906543a4fbe050de8c0211732

  • SHA256

    53383420fae4b6c629c246d755ce19753f12b2df8477ec976551186812381744

  • SHA512

    ee9491623a7ad9042fd08fee4e66b9349bbf91deb41e7476d1f29876b51090cf05f356316ce9499ec6a90c0cc77762c7e58e8a435ef6587b4ed55cbf4e0ea51e

  • SSDEEP

    384:iZyq+IkFAJ2HytIHJmC/WHBMozso8qp0u9D9O5UE5QzwBlpJNakkjh/TzF7pWnRN:QN+/2oStIpmC/sVgzqqvQO+cl+L

Score
10/10

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

tyfdfdfs.ddns.net:5552

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2804-56-0x0000000000400000-0x0000000000412000-memory.dmp
    .exe windows x86

