njrat | ec316f5ccd80c60ea9f5dd16d203a59e78f8dc2f43319a1f7f57766bcf7fc6b4 | Triage

Submit
Reports

Overview

overview

Static

static

FortPathes.exe

windows7_x64

FortPathes.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

FortPathes.exe

Resource

win7-20220414-en

njrat someone persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

FortPathes.exe

Resource

win10v2004-20220414-en

njrat someone persistence trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

ec316f5ccd80c60ea9f5dd16d203a59e78f8dc2f43319a1f7f57766bcf7fc6b4
Size

27KB
MD5

a8027c6bf42393de8d926204b0a1a8dc
SHA1

b698cf703be7b6c2f5655c502ba8203657f00da8
SHA256

ec316f5ccd80c60ea9f5dd16d203a59e78f8dc2f43319a1f7f57766bcf7fc6b4
SHA512

40f4ec565f57cf12b19ce615543a610cceddc88110f5786fc483ebf1f7462da489a357316d8aefb9278c894bcc40330e99c8c79ad8f5e1537844f0ad1df14792
SSDEEP

768:g3Xt2hV7tTG+Fg46sJOaZcFWQaEwtSocVMHcN70p3:o2hV5TvFvvU58QGcV3NAB

Score

10^/10

someone njrat

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

someOne

C2

85.253.176.179:1604

Mutex

Java update

Attributes

reg_key
Java update
splitter
|Hassan|

Signatures

Njrat family
njrat

Files

ec316f5ccd80c60ea9f5dd16d203a59e78f8dc2f43319a1f7f57766bcf7fc6b4
.rar
FortPathes.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Перед_запуском.txt

© 2018-2024

Terms | Privacy