General

  • Target

    3068-18-0x00000000002E0000-0x00000000002EC000-memory.dmp

  • Size

    48KB

  • MD5

    d7bb984bcbeaaf2873aea2bce3a36073

  • SHA1

    f3cc4c1f1958ad809396bc00945d10b5c4968ec7

  • SHA256

    3f0dcf0987034aacac24fbc428045c6e531240053f4027417abb0fa57626e5da

  • SHA512

    ac7fa655f2ece9fd17fbb50a03e0154619c67c91b01dfe3eabb1ee80ce50db391aa8974167899a4bda264fc6773102e2103ca45bcb867be903a8da2fd6010ad7

  • SSDEEP

    384:mluBPiZCMfdfSJrQbsLRGSIxYVL46pg/i8BD9BmRvR6JZlbw8hqIusZzZhnJ:JOmhtIiRpcnuqJ

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Pro-SYstem

C2

x555hd.ddns.net:555

Mutex

9e82a5ccaed752a57fda004b4018de61

Attributes
  • reg_key

    9e82a5ccaed752a57fda004b4018de61

  • splitter

    |'|'|

Signatures

  • Njrat family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3068-18-0x00000000002E0000-0x00000000002EC000-memory.dmp
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

