General

  • Target

    2788-12-0x0000000000400000-0x0000000000456000-memory.dmp

  • Size

    344KB

  • MD5

    e442f41fb8da37579b729d457b4f9808

  • SHA1

    a955f64ac0209ea37de9c01b165dee82cbc1483d

  • SHA256

    06e17d7dff96de6dafc5e427b9b98ee5fe879456708d08238e4575f43fdcd8b6

  • SHA512

    f1283460711dcf20fce8071f35a68c9fd06e43a97b66892941f45b25afe6c7d021eb51bbe44e394d3cd66f16b3efaef6b06ef91d43faea5bf5a5230410cfb50c

  • SSDEEP

    384:KLonRCOnujECyOwaN7E5kyxQOdvPBt+BMhAQk93vmhm7UMKmIEecKdbXTzm9bVhQ:UbAB/x5hA/vMHTi9bD

Score
10/10

Malware Config

Extracted

  • Family

    njrat

  • Version

    v2.0

  • Botnet

    HacKed

  • C2

    185.94.29.109:1111

  • Mutex

    Windows

Attributes
  • reg_key

    Windows

  • splitter

    |-F-|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2788-12-0x0000000000400000-0x0000000000456000-memory.dmp
    .exe windows:4 windows x86

