Behavioral task
behavioral1
Sample
af75bf198fdc4a21ce1758f5843b1036.exe
Resource
win7-en-20211208
General
-
Target
af75bf198fdc4a21ce1758f5843b1036.exe
-
Size
37KB
-
MD5
af75bf198fdc4a21ce1758f5843b1036
-
SHA1
673eb926d11c448cc2a2af4907544068e6c28e25
-
SHA256
50b8b19e4501f07b8bb5cff4640776abddc175a8bf352eebdfef908c2b456e30
-
SHA512
abc31ae1f77ade27a35d773b3d527af73bd9f6bff7f55bbd878e364d872495313b31956133bb1ac8e6af6021ba9d91f39a8de09991b09e056fdf47489b31a001
-
SSDEEP
384:Y+VvEiTbTvpWNcZ0y8fvCv3v3cLkacJEJrAF+rMRTyN/0L+EcoinblneHQM3epz:BV7TZ38fvCv3E1cUrM+rMRa8Nuyht
Malware Config
Extracted
njrat
im523
HacKed
4.tcp.ngrok.io:14567
2d398c18ec3965eac95679b5b376b4ab
-
reg_key
2d398c18ec3965eac95679b5b376b4ab
-
splitter
|'|'|
Signatures
-
Njrat family
Files
-
af75bf198fdc4a21ce1758f5843b1036.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ