General
-
Target
2732-129-0x00000000004E0000-0x00000000004F2000-memory.dmp
-
Size
72KB
-
MD5
bd8c4d4989ca24db628e3436977be29b
-
SHA1
861795872ef296596f2d13a89e6cb931acdf3ca8
-
SHA256
25fd7bd8401edee015ed93146449c6a28b352627c580e8c852e3dbc8ec25d76b
-
SHA512
0e78230186b06113b08ed18f39da83352198f4e9755c154fcc8d59019c0bf06ef406b28af5118a2def183c0d48bf850393da4ff768e62cb2650d00c72273b57b
-
SSDEEP
384:nZy/AFCxrmvYUy/fHm9qOxAQEIrCZHw5zoIij+ZsNO3PlpJKkkjh/TzF7pWntb/F:ZMAMYgh3HEhecCFeuXQ/oQbX+L
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
hgjdjs.0pe.kr:1
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2732-129-0x00000000004E0000-0x00000000004F2000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections