Overview

overview

10

Static

static

10

2452-28-0x...ry.exe

windows7-x64

2452-28-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2452-28-0x0000000000400000-0x000000000040C000-memory.dmp

  • Size

    48KB

  • MD5

    03edd71a37ab4c8261b0294e258284b0

  • SHA1

    5903513857c6bed594e23d0c6e460fa5689721a7

  • SHA256

    6e142748ef536c44e31894d128077473e8b6accaa3ceb9c464ffc9b2d33d6073

  • SHA512

    6264571df8615f2d454771fd0fc846ca6d4add6949ba619c3692d7094c36988df203ec27c7e0263dcb4968332da4694777114adccde1c61f8840b2ce458ff3e9

  • SSDEEP

    384:E0bUe5XB4e0XWOPnw0Q0mS03AWTxtTUFQqzFPcObbh:BT9BuFI55dSbh

Score
10/10
nyan catnjrat

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

ronymahmoud.casacam.net:5050

Mutex

8f1e01fb78d64f28

Attributes
  • reg_key

    8f1e01fb78d64f28

  • splitter

    @!#&^%$

Signatures

  • Njrat family
    njrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2452-28-0x0000000000400000-0x000000000040C000-memory.dmp
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections