njrat | 4b4e6ce587df768d5f3530aa8c2a3a75[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

4b4e6ce587...75.exe

windows7_x64

8

4b4e6ce587...75.exe

windows10-2004_x64

4

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

4b4e6ce587df768d5f3530aa8c2a3a75.exe

Resource

win7-en-20211208

evasion persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

4b4e6ce587df768d5f3530aa8c2a3a75.exe

Resource

win10v2004-en-20220112

windows10-2004_x64

0 signatures

0 seconds

General

Target

4b4e6ce587df768d5f3530aa8c2a3a75.exe
Size

324KB
MD5

4b4e6ce587df768d5f3530aa8c2a3a75
SHA1

87169151f1c6b437966e5c54a683b3675d41af95
SHA256

dece4adf99e29edff4ef336fe6f7c40ffb90abd46514985ef86ef7c4fe5e94ed
SHA512

c060f9ce6594cfdd8043c16839bd6db65841b32288cffcec7fe21897611be76e0ae529d4668762478841d91ca6d4f74bbfbe109bb01ea3cfaaaeace1f47373db
SSDEEP

1536:KJdsLi7tBnI6eLK1hyuBaIeigUr2f1KVF9PlR:KJdsLi7tBnIf21hyOt46F9dR

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

127.0.0.1:7776

Mutex

Windows Update

Attributes

reg_key
Windows Update
splitter
|'|'|

Signatures

Njrat family
njrat

Files

4b4e6ce587df768d5f3530aa8c2a3a75.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy