General
-
Target
2940-2-0x0000000000250000-0x000000000025C000-memory.dmp
-
Size
48KB
-
MD5
4dc3ab12ea5097ee8ea255456aa6e5f2
-
SHA1
3341bd383537c8b44f5f562d9cb5b5d02bb48fa9
-
SHA256
5e029b412fe6b6dc120a646ef5fbbfed78d76e11ade3b0ff85c0133c45677af8
-
SHA512
9ac4e919015f7aba44fdfbc62e0e5c9c99749aee69bcd5ce46cf5e151a8a80662cf5b80f640ea00beb34f0f2f50ec0226dca433706f0b1ba0f8e156d2c50eb16
-
SSDEEP
384:80bUe5XB4e0XJgONtIQgYbr9psWT3tTUFQqz94Obbd:pT9Bu9fIQVbJHebd
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7NC
Botnet
NYAN CAT
C2
seznam.zapto.org:5050
Mutex
251577ddb354
Attributes
-
reg_key
251577ddb354
-
splitter
@!#&^%$
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2940-2-0x0000000000250000-0x000000000025C000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections