General

  • Target

    2676-76-0x0000000000400000-0x000000000040C000-memory.dmp

  • Size

    48KB

  • MD5

    0cae0e8baef85ab082740479d465a907

  • SHA1

    cbf78e79d59ce5829ee9229de13c0bf2a694565b

  • SHA256

    56a166bc7a38a233413ac322c706e017e01a4cc320d848231d6f458c4c439ed5

  • SHA512

    b881ea2f8576be2e1a9fdf636ed6d5750baee32410595d04a52c74fc4329f1cadb54942a8d30019b7062a27610bf9f490a53fb2c6f8e69d8cab42182599690a6

  • SSDEEP

    384:zYmCsg/yJrQ7hucGSl7UJx4g6JgfCcosjddmRvR6JZlbw8hqIusZzZwN:crG0Btl7rRpcnuv

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

magas69.tk:12345

Mutex

3ecc8bdea77bdaf267dfb70154955bc6

Attributes
  • reg_key

    3ecc8bdea77bdaf267dfb70154955bc6

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2676-76-0x0000000000400000-0x000000000040C000-memory.dmp
    .exe windows:4 windows x86

