General

  • Target

    2816-0-0x0000000000910000-0x000000000091C000-memory.dmp

  • Size

    48KB

  • MD5

    1fe2a55e3e5183ca8b0261b1582d2ff2

  • SHA1

    3297a8497f16778f3a94689fd3d5ec4d4aecec25

  • SHA256

    7dcaef0a3442fdb263af59d4af0cd67cc08f61c04db6bdbfaf6609b478a52e1c

  • SHA512

    944db584ea4a6356d67c5c47d0c64cb59db8fdb5743e7c852b1aebb7bdc08ca95d30e5e06cad2798170a6aa1c3dc412d3c15b797963c03efa851588326c1aa02

  • SSDEEP

    384:UsqS+ER6vRKXGYKRWVSujUtX9w6Dglo61Z5DVmRvR6JZlbw8hqIusZzZvOhy:7f65K2Yf1jKRpcnu5o

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

sxtrm.myftp.biz:5552

Mutex

83d48929bdcdaf360ba96d48bcabe6dd

Attributes
  • reg_key

    83d48929bdcdaf360ba96d48bcabe6dd

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2816-0-0x0000000000910000-0x000000000091C000-memory.dmp
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

