Behavioral task
behavioral1
Sample
0x000b000000003c9f-55.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
0x000b000000003c9f-55.exe
Resource
win10v2004-20220414-en
General
-
Target
0x000b000000003c9f-55.dat
-
Size
37KB
-
MD5
c416df61c2d1b3d75fa5983e282542ce
-
SHA1
e1a98256b16e7a1666871133091743ee11e4a171
-
SHA256
4a6cc991136caa150891fc6dea2eed91cc9c6b40030bee9120e1b8b504ab570e
-
SHA512
ec0b63312f058e46b1106731a87aca84ffe196b4c88c433df7399611fc51a07518cc77c21764d289eb81a13b095c1505e1685591335103818916f33beba82c77
-
SSDEEP
384:KxmE3hUidksXR21cGMy8PIU5fHkFlacpMrAF+rMRTyN/0L+EcoinblneHQM3epzt:2mE3bLGv8PIU58KcarM+rMRa8NusQt
Malware Config
Extracted
njrat
im523
gay
2.tcp.eu.ngrok.io:11696
b40c8069f7901ea328823f37ffd1b3b2
-
reg_key
b40c8069f7901ea328823f37ffd1b3b2
-
splitter
|'|'|
Signatures
-
Njrat family
Files
-
0x000b000000003c9f-55.dat.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ