General
Static task
static1
URLScan task
urlscan1
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
mamasita
C2
hakim32.ddns.net:2000
ago-shopper.gl.at.ply.gg:33932
Mutex
e9b5d9adb3bd2d12b3b209e6217534e3
Attributes
-
reg_key
e9b5d9adb3bd2d12b3b209e6217534e3
-
splitter
|'|'|
Targets
-
-
Modifies Windows Firewall
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.