njrat | porn__ratnik_parol_123[.]rar | Triage

Submit
Reports

Overview

overview

Static

static

porn.exe

windows7_x64

porn.exe

windows10-2004_x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

porn.exe

Resource

win7-20220414-en

evasion suricata

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

porn.exe

Resource

win10v2004-20220414-en

evasion suricata

windows10-2004_x64

0 signatures

0 seconds

General

Target

porn__ratnik_parol_123.rar
Size

16KB
MD5

f63b8c9a2d769fe4d143cc7fcbf9ddab
SHA1

859abd93f35d92f5389471cd08ea2777ae5e479e
SHA256

e74eff68f4d855b3156a397f504cfae911707ead7faf77562973dde4411b4c71
SHA512

deda572bc939370349a70ea897aefa67320e0fd0c1315c5bb53bbf2e79f4b68ca26581ae4cd62b60e8df97df3857dca2de92c10ed9b86e40b93c3372c56b3e9b
SSDEEP

384:OVpIJ9lewY4WOzuiGS9uEWNrTGPu2L6XCmc+KQ+sagD:6pdwY4xRmEWNrTGG2L6c0

Score

10^/10

lox njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

lox

C2

0.tcp.eu.ngrok.io:18592

Mutex

0293991c6c54420dffa3c5a0d72faa13

Attributes

reg_key
0293991c6c54420dffa3c5a0d72faa13
splitter
|'|'|

Signatures

Njrat family
njrat

Files

porn__ratnik_parol_123.rar
.rar

Password: 123
porn.exe
.exe windows x86

Password: 123

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy