General

  • Target

    2756-73-0x0000000000400000-0x0000000000410000-memory.dmp

  • Size

    64KB

  • MD5

    7c8c706bab60844a77353aa087265456

  • SHA1

    a3898a010287716efb63b964bd86b317888b86a1

  • SHA256

    98de130ba282840b4ccd7f5250029a8d2af77bc38fec75145041742655297839

  • SHA512

    41f7d8042e9a449fdc359f848cec1d17b1492ea5d316dd798f18e18e8e73986b27882f08aa78ea4a2dc26278b2e148d1ff081f1adc83df1a284ff44590535489

  • SSDEEP

    384:nmOs0IiejvCVLO309QmykrtG+dA+VfwvOSiKrAF+rMRTyN/0L+EcoinblneHQM3h:dFdGdkrgYRwWS9rM+rMRa8NuEDt

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

0.tcp.in.ngrok.io:19400

Mutex

900e32528e286bf3fa16f687e637183a

Attributes
  • reg_key

    900e32528e286bf3fa16f687e637183a

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2756-73-0x0000000000400000-0x0000000000410000-memory.dmp
    .exe windows x86

