General
-
Target
1916-1-0x00000000009A0000-0x00000000009B8000-memory.dmp
-
Size
96KB
-
MD5
c00262699ae0facbf297badd09233876
-
SHA1
305a02a7c0623004c6b9fa2c91a883f840d751bc
-
SHA256
00b3837b4417d77fce4803de069ccd1c7c453542067e52601947b744f9bf5239
-
SHA512
845e7df25e8e4db1203b5f4abeef885c556f9a453ae99333cd0e2ff081f740245fdc1fc6311e1e83349d06895affa640808c67dd93e176fc8fd463c8ceb6ea65
-
SSDEEP
1536:qExAU0oN36tuQviFw15GHyBnvb3fLteF3nLrB9z3nOaF9bhS9vM:bxAU0oN36tuQviFCYSBnDfWl9zeaF9bV
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Platinum
Botnet
Cheats
C2
127.0.0.1:1
Mutex
smss.exe
Attributes
-
reg_key
smss.exe
-
splitter
|Ghost|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1916-1-0x00000000009A0000-0x00000000009B8000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections