General
-
Target
2704-26-0x0000000000400000-0x000000000040C000-memory.dmp
-
Size
48KB
-
MD5
8ff9e5a699b3308a2d896e80593126cd
-
SHA1
a11cb9360a0df3a6d3658e0114c56daa0b8d286b
-
SHA256
70667c2af62c210537dd786033b42dd1254fc96e01db69c36af0ed73897f6cc6
-
SHA512
8bbb69ed9c7ee7356ef9a1a8b78db0402f169bd3cff8475181747205243291c793deb4ecfda4f6206ee6e1608d235c3ca15b3acc3acfae4e8ec11b4becf2bc9e
-
SSDEEP
384:Ic6ze6e1PAhJVzC3tC1im/BsTx46PgZ0rap9HBmRvR6JZlbw8hqIusZzZzI:8e9EJLN/yRpcnuj
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
neuf
C2
doddyfire.linkpc.net:10000
Mutex
e1a87040f2026369a233f9ae76301b7b
Attributes
-
reg_key
e1a87040f2026369a233f9ae76301b7b
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2704-26-0x0000000000400000-0x000000000040C000-memory.dmp
Headers
Sections