General
-
Target
2332-4-0x00000000004B0000-0x00000000004BC000-memory.dmp
-
Size
48KB
-
MD5
08ac6cae8cecbb9d013682a10c3235dc
-
SHA1
b82491cdf5a65dd3a4087c99f6451f9e7d7c93dc
-
SHA256
822a9469eaf5b3b0ae31894e56947bfd5a6da31bdf61dea587a1ee5320033977
-
SHA512
975bcfb120b089e666ccdc9a0bcfe773ce664d626ba8813a0fae335c000f8794be76f256fbf4c9acb58ae5908e731bfa212f3fe8f0535bc140b82d49f7ae1aa2
-
SSDEEP
384:3MK6b2GZsx/Yr1+liORH1kcPFQ6Lg9gSOYRr9mRvR6JZlbw8hqIusZzZlG3:Qb9glF51LRpcnuyA
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
KARLA 1998
C2
seznam.hopto.org:1177
Mutex
36db42ed563b740681ec3918ded7c343
Attributes
-
reg_key
36db42ed563b740681ec3918ded7c343
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2332-4-0x00000000004B0000-0x00000000004BC000-memory.dmp
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections