General

  • Target

    2696-14-0x0000000000400000-0x000000000040E000-memory.dmp

  • Size

    56KB

  • MD5

    c6063784079faad1ff1d64fc54ffc9c5

  • SHA1

    f05517fc22ca6787f19f16fef7047b7e5ef90796

  • SHA256

    b05f9938be94df389a51945636f610dcf3c36f598346de4f21174897fbd1d003

  • SHA512

    114299ee1dab16a939a5151c7500cfadf654568448c2da5b44232aa5f4388cfa00c76188792982f1fe8062a08188bc98368b03a7c247852e8b956e9a7db8ac1f

  • SSDEEP

    384:3Lam4PanO4Y7pcdYGiTOCsPodxxM2AQk93vmhm7UMKmIEecKdbXTzm9bVhca76S1:763vc7OQ2A/vMHTi9bD

Score
10/10

Malware Config

Extracted

Family

njrat

Version

v2.0

Botnet

HacKed

C2

01.92.240.141:5577

Mutex

Windows

Attributes
  • reg_key

    Windows

  • splitter

    |-F-|

Signatures

  • Njrat family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2696-14-0x0000000000400000-0x000000000040E000-memory.dmp
    .exe windows:4 windows x86 arch:x86

