njrat | d68c663612c92937bbb8e244ef625279f755c768ac4ac97e092f8fd5486c9580 | Triage

Submit
Reports

Overview

overview

Static

static

d68c663612...80.exe

windows7_x64

d68c663612...80.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d68c663612c92937bbb8e244ef625279f755c768ac4ac97e092f8fd5486c9580.exe

Resource

win7-20220414-en

njrat svchost evasion persistence trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

d68c663612c92937bbb8e244ef625279f755c768ac4ac97e092f8fd5486c9580.exe

Resource

win10v2004-20220414-en

njrat svchost evasion persistence trojan

windows10-2004_x64

0 signatures

0 seconds

General

Target

d68c663612c92937bbb8e244ef625279f755c768ac4ac97e092f8fd5486c9580
Size

60KB
MD5

65660408a79c1ba98758a0980813933d
SHA1

66fecb46e0ef3b187c159305c27ab2b25a523cf1
SHA256

d68c663612c92937bbb8e244ef625279f755c768ac4ac97e092f8fd5486c9580
SHA512

c31e348ada70abbc338f3e2351ea6058ddc964963d82cdbe4d086f30a7cebc77ad18b541ef82deb1847e239eef94762da791f25770a02c314d7310a3833ca35e
SSDEEP

1536:Y8VkLWnLAvsB+ztBatmEQUr2f1KVS95l:Y8VkLWnLAvsE/G46S9r

Score

10^/10

svchost njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

svchost

C2

127.0.0.1:1177

Mutex

Windows Update

Attributes

reg_key
Windows Update
splitter
|'|'|

Signatures

Njrat family
njrat

Files

d68c663612c92937bbb8e244ef625279f755c768ac4ac97e092f8fd5486c9580
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy