General
-
Target
1660140x00000000006100000x0000000000650000memory_JC.dmp
-
Size
256KB
-
MD5
df354d41cb9eeb6064629f54aa243450
-
SHA1
b6056d4453385349d020fcf447bf19fccc800570
-
SHA256
2b44054c257780f0297d3a39d48a8fddbd2a2c6e047b4d25dcbb33fdaf0cd7b7
-
SHA512
5e3460ab89943032670eef6478587607a9658b1548b2a5596955b1209df452ac3795c35002c735fc16c441a11d01efecbcb42234cf29da46fc5750c788943ed3
-
SSDEEP
1536:zvKO+4jwQVkLjMvBngxp0ICzoWdLGCQIXI1wEBn2a3pb4rw2UlvLf:99wTLagxp0IqoqnI1wg9Gr/Ut
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
system
C2
147.50.253.241:6522
Mutex
e4d8b898672502b9751c26f7a748bd76
Attributes
-
reg_key
e4d8b898672502b9751c26f7a748bd76
-
splitter
Y262SUCZ4UJJ
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1660140x00000000006100000x0000000000650000memory_JC.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections