njrat | 4b54e7e3f754a52d0ed013cd376c069bfdb9e457d134d862b4303691cab03849 | Triage

Submit
Reports

Overview

overview

Static

static

4b54e7e3f7...49.exe

windows7_x64

4b54e7e3f7...49.exe

windows10-2004_x64

Sharing

Static task

static1

shareman.exe njrat

Behavioral task

behavioral1

Sample

4b54e7e3f754a52d0ed013cd376c069bfdb9e457d134d862b4303691cab03849.exe

Resource

win7-20220414-en

njrat shareman.exe evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

4b54e7e3f754a52d0ed013cd376c069bfdb9e457d134d862b4303691cab03849.exe

Resource

win10v2004-20220414-en

njrat shareman.exe evasion persistence trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

4b54e7e3f754a52d0ed013cd376c069bfdb9e457d134d862b4303691cab03849
Size

37KB
MD5

b98d25a30a0472eea9a8ead6009a853c
SHA1

e91b5cfbe442299bf72924422e856424087e9a7e
SHA256

4b54e7e3f754a52d0ed013cd376c069bfdb9e457d134d862b4303691cab03849
SHA512

4c6ddeddc304ebff72846d115c63f9fe8889f11b44ec5623da22628b5ba258b5b716a02c6722ca483dd466f09db5eea2201af2af8837bc886b9b89c4d4c90314
SSDEEP

384:QTNkooixJLl7OHg1WykrzffL+8GcPE0rAF+rMRTyN/0L+EcoinblneHQM3epzXWx:OkeR1NkrzfSFcvrM+rMRa8NugTt

Score

10^/10

shareman.exe njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

shareman.exe

C2

ayezhiznboram.ddns.net:6344

Mutex

4bdbd1da64cfae6714664f169be7c0ed

Attributes

reg_key
4bdbd1da64cfae6714664f169be7c0ed
splitter
|'|'|

Signatures

Njrat family
njrat

Files

4b54e7e3f754a52d0ed013cd376c069bfdb9e457d134d862b4303691cab03849
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy