njrat | 5b214ea4cc035e5375f3a6335c847dea72c5db6f8423828d0d27f7ab6ef4e0ca | Triage

Submit
Reports

Overview

overview

Static

static

5b214ea4cc...ca.exe

windows7_x64

5b214ea4cc...ca.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5b214ea4cc035e5375f3a6335c847dea72c5db6f8423828d0d27f7ab6ef4e0ca.exe

Resource

win7-20220414-en

njrat q evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5b214ea4cc035e5375f3a6335c847dea72c5db6f8423828d0d27f7ab6ef4e0ca.exe

Resource

win10v2004-20220414-en

njrat q evasion persistence trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

5b214ea4cc035e5375f3a6335c847dea72c5db6f8423828d0d27f7ab6ef4e0ca
Size

31KB
MD5

b5d21530538e7822bd6ccbf4458eb903
SHA1

d44b98c09eecc1358dec7378de630d9da63e5a25
SHA256

5b214ea4cc035e5375f3a6335c847dea72c5db6f8423828d0d27f7ab6ef4e0ca
SHA512

91c37315bd4372fcd24396aff2efcd018ed83e4c44a8eb4db23f1815cd2114cb9ba2e7dab5509e68edc7e596b5da9abc9173a845531838a275cecbe108388d36
SSDEEP

768:DhxgZV5VXPKzxF+dt2XK/R+rvibQmIDUu0tiQ21j:EfqMiYQVkDaj

Score

10^/10

q njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

q

C2

90.191.122.120:6522

Mutex

255d238b748d6b3fe0502dded68c366c

Attributes

reg_key
255d238b748d6b3fe0502dded68c366c
splitter
Y262SUCZ4UJJ

Signatures

Njrat family
njrat

Files

5b214ea4cc035e5375f3a6335c847dea72c5db6f8423828d0d27f7ab6ef4e0ca
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy