Behavioral task
behavioral1
Sample
Server.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Server.exe
Resource
win10v2004-20220414-en
General
-
Target
Server.exe
-
Size
36KB
-
MD5
55eab3ffc847fd0f929b1f1de9f2c2c8
-
SHA1
3fb45e689e88ee582674ca8c6675577be4b39af4
-
SHA256
426acd2319c62fef0f69dbca51289b13a2a9e6beb6e235603e6c2ef34f80f1b2
-
SHA512
e61478e8df4e82c7f31628c1abf8d1ab6b68c038ce5ac4b2c665bda54921d2e3f213b65448a91577c12daaf910b20cc70fb0e59b5a9dada9f519bc0f29b52fb9
-
SSDEEP
384:pBJr6eSnfNzVWv/TsLUtvl8Xe+mzPLTCn2Ie2Ue/owodLtIanrEp0U:pRSnFGLso/8XTTU1hnez
Malware Config
Extracted
njrat
0.7d
HacKed
https://pastebin.com/raw/HEFUfAcq:5552
6a2634340fbf8a0a2c038c6263d49fd1
-
reg_key
6a2634340fbf8a0a2c038c6263d49fd1
-
splitter
|'|'|
Signatures
-
Njrat family
Files
-
Server.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 672B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ