General
-
Target
3020-4-0x00000000021A0000-0x00000000021AC000-memory.dmp
-
Size
48KB
-
MD5
76946303d472f728b2cc2b67c1453fee
-
SHA1
a070923cf779145dd2244d339061e4a1dceaf4aa
-
SHA256
f3f9271ae8799336acfda326fba3e1cd7dbba9fe2b07aa4b1eda90e79e649793
-
SHA512
846358a5852c193846d3607a9e993b23f58b76cbab7f2a3b0e013cbff737d1f18c25f115aba3c0cc8d1611f0e78a1d85764dc7f660a2f865ebaa145e52d41e9d
-
SSDEEP
384:VPoWtkEwn65rgjAsGipk55D16xgXakhbZD0mRvR6JZlbw8hqIusZzZGS:Vo7O89p2rRpcnuK
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
127.0.0.1:5552
Mutex
162f71f7ffbaf34cff578886b8650868
Attributes
-
reg_key
162f71f7ffbaf34cff578886b8650868
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3020-4-0x00000000021A0000-0x00000000021AC000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections