Behavioral task
behavioral1
Sample
59b586a2f29d59ff6a6c55d26a7c6217139bc0997ecf5ad1d78b7c450dcb1eec.exe
Resource
win7-20220718-en
General
-
Target
59b586a2f29d59ff6a6c55d26a7c6217139bc0997ecf5ad1d78b7c450dcb1eec
-
Size
43KB
-
MD5
04bde56ed6207c3e327dab54c9930bbf
-
SHA1
befa5cad092d8cced1d26648786f55de856245b8
-
SHA256
59b586a2f29d59ff6a6c55d26a7c6217139bc0997ecf5ad1d78b7c450dcb1eec
-
SHA512
7f7e77451387ec604c7d841eadc2ae5cf0ef86a89b4879597d8df23e8ff7ce71656eb016ec1a328b4018abdaa84ee2da4dee035dae49e3b406b7ebc849284528
-
SSDEEP
384:nZy+Hl9n1iDcsyEqt3ptKwQsElGhOEazcIij+ZsNO3PlpJKkkjh/TzF7pWn5mgra:Z99nU4pEqt5tKhohuuXQ/o8C+L
Malware Config
Extracted
njrat
Njrat 0.7 Golden By Hassan Amiri
HacKed
127.0.0.1:5552
Windows Update
-
reg_key
Windows Update
-
splitter
|Hassan|
Signatures
-
Njrat family
Files
-
59b586a2f29d59ff6a6c55d26a7c6217139bc0997ecf5ad1d78b7c450dcb1eec.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ