General
-
Target
2708-30-0x0000000004F10000-0x0000000004F2E000-memory.dmp
-
Size
120KB
-
MD5
9cad230d443290feeeb31efbe95aa57c
-
SHA1
a4b6238361efd6da0eca09bb3a4e22f9b89e6fcf
-
SHA256
c73e7489cfdf0593485512dfd3e69879c0b8e011f59dfcbf0d2596bed18f856a
-
SHA512
e5e6ea53f92aa482a0be9179c8174b3e2cd5c2f850d4fa7b71bcf61e14fe26113436e38e520689412034de92564aff8a0587c19fe686c5d7aa2e1e2dd8805ccf
-
SSDEEP
384:FlLnuBFhM7OA0102PgPGCYiPRhVXM9AQk93vmhm7UMKmIEecKdbXTzm9bVhcaHh3:Xn6FXc2Ew9A/vMHTi9bDHR9PBHcYvC
Score
10/10
Malware Config
Extracted
Family
njrat
Version
v2.0
Botnet
samoda
C2
16.ip.gl.ply.gg:3958
Mutex
Windows
Attributes
-
reg_key
Windows
-
splitter
|-F-|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2708-30-0x0000000004F10000-0x0000000004F2E000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections