General
-
Target
3048-3-0x0000000000400000-0x000000000040C000-memory.dmp
-
Size
48KB
-
MD5
dd059c2d9cbb4c0fd273066e6134f861
-
SHA1
30fd4bc573b5b99b607c73d38edf175527fd74d9
-
SHA256
5e5de5057327e12721f2ff4db115ebd0e0e3d17a311b274aef3f7bd3bf076175
-
SHA512
5795c14806b8031ac4a4693fd3656c8d6dd60c56b6ad5370c7ce312ef009f53c0bfb4c4965a8a425456b6ee78fc649c3e2b2efa4935d8303932147805502c03d
-
SSDEEP
384:G+n2650N3qZbATcjRGC5Eo9D46BgnqUhay1ZmRvR6JZlbw8hqIusZzZ5h:5m+71d5XRpcnu8
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
HacKed
C2
fuji9764.no-ip.biz:1177
Mutex
d21c67b51e82b8bfc7a911c3083cd127
Attributes
-
reg_key
d21c67b51e82b8bfc7a911c3083cd127
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
3048-3-0x0000000000400000-0x000000000040C000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections