General
-
Target
2212-8-0x0000000000440000-0x0000000000452000-memory.dmp
-
Size
72KB
-
MD5
5348f761b8b3fb6d1f3979b0ce74db97
-
SHA1
213474fed0de61a1fa3b900af60ff0762bdeed30
-
SHA256
94908648da7011c73a9a3179082d0e782c4ae2dca4a15a209287b1c97e0c557d
-
SHA512
39a08dae1edf93eb67a847ae9f4f087ec4c23baca4ad267c982acc00f36583f29047b0b1732cf01a1b69b3437d0a2fdbbb7f13eb6e0203a6148aa3b9afee27f3
-
SSDEEP
1536:7EXR4ByV1rkDtM6HaL9xN3XK5Xs14/PFDu1m3ROQg/SPbogqABA1pAbcz:meQAML9xN3XK5Xs14/PFDu1uROQg/SPI
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
HacKed
C2
abdoooo3.ddns.net:5552
Mutex
Windows Update
Attributes
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2212-8-0x0000000000440000-0x0000000000452000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections