Overview

overview

10

Static

static

10

2004-2-0x0...ry.exe

windows7-x64

10

2004-2-0x0...ry.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    2004-2-0x0000000000370000-0x000000000037C000-memory.dmp

  • Size

    48KB

  • MD5

    7a7204b8a71c64051700df4a6919c66d

  • SHA1

    36f8ae5f4380114e7ac4e0c5d95b87a9d3fed49a

  • SHA256

    9353c2e0889c0b172363648a3f5b55b36cabef248872a07e1e66491ad87aebbd

  • SHA512

    d4e2e616246d8a118d5a58786cec16c39c5a42da166e3211eeb4f20b24dfdad60c2aa47afc6399c277fbfcd3acfe3f2794749a6affd3b5550817d5754a2f3ba5

  • SSDEEP

    384:fY324bcgPiJLQrfARGSRUJsbY6ZgvSMBD3t8mRvR6JZlbw8hqIusZzZjsW:IL2s+tRyRpcnuk

Score
10/10
fasternjrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

FASTER

C2

milla.publicvm.com:1177

Mutex

330ced764afe0e1cb19cc72b852d8d7d

Attributes
  • reg_key

    330ced764afe0e1cb19cc72b852d8d7d

  • splitter

    |'|'|

Signatures

  • Njrat family
    njrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2004-2-0x0000000000370000-0x000000000037C000-memory.dmp
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections