General
-
Target
StUpdate.exe
-
Size
93KB
-
MD5
f2321adc190e7db9b1f3b85e88f7ae54
-
SHA1
0b6126aaab291e1dbe0006411eff27789994aa78
-
SHA256
dfe4b6b4f1bda60e6870666e6e4809a8e3ee4827db737525c9313bfbc87bf5c1
-
SHA512
e07182b6653cbe64c8c1b9d533adc2a476e9490d8cecf0281f12c0187a2915301337bf3f2d96880706f9369e2adf7cb32538c1852e73ce53e1b236515569b830
-
SSDEEP
768:WY3XKBD9O/pBcxYsbae6GIXb9pDX2b98PL0OXLeuXxrjEtCdnl2pi1Rz4Rk3+sGw:NKzOx6baIa9RPj00ljEwzGi1dD6DKgS
Malware Config
Extracted
njrat
0.7d
HacKed
FRANSESCOTI3LjAuFRANSESCOC4x:NTU1Mg==
fb116b75140ecc0173c4ba46bdb8d155
-
reg_key
fb116b75140ecc0173c4ba46bdb8d155
-
splitter
|'|'|
Signatures
-
Njrat family
Files
-
StUpdate.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ