Behavioral task
behavioral1
Sample
35109a7c184ca56c98de576d7eb37545b4bdf5e3297ec8b293f5c294663925f3.exe
Resource
win7-20220414-en
General
-
Target
35109a7c184ca56c98de576d7eb37545b4bdf5e3297ec8b293f5c294663925f3
-
Size
22KB
-
MD5
3ca22ed6e206f18c2daddf9ac5f68165
-
SHA1
fe3e43c18985e2f5da3cec5df75d3cb91230e21f
-
SHA256
35109a7c184ca56c98de576d7eb37545b4bdf5e3297ec8b293f5c294663925f3
-
SHA512
4f2704f06fd9ddac90df14dd97622e1514e4f4319c665d55bcf4f1aadc9b30e1291586646ce71449d762db3d99fd0af2190ee09b0b2ecb877c441b079b7311c0
-
SSDEEP
384:Ya3mdk8XvUJjuDp5OSOKcl3g65gPGxONvJlmRvR6JZlbw8hqIusZzZFeK:YywUSVOVLRpcnuiF
Malware Config
Extracted
njrat
Hallaj PRO Rat [Fixed]
HacKed
mack2.3utilities.com:5552
bded9d5613797f058ea990770ab6a325
-
reg_key
bded9d5613797f058ea990770ab6a325
-
splitter
boolLove
Signatures
-
Njrat family
Files
-
35109a7c184ca56c98de576d7eb37545b4bdf5e3297ec8b293f5c294663925f3.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ