Behavioral task
behavioral1
Sample
a995f654512c7d95ddb62ab82f260f60.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
a995f654512c7d95ddb62ab82f260f60.exe
Resource
win10v2004-20220812-en
General
-
Target
a995f654512c7d95ddb62ab82f260f60.exe
-
Size
32KB
-
MD5
a995f654512c7d95ddb62ab82f260f60
-
SHA1
2fe27131d6841a9ba61a6d91f86c0dd1e4e4f049
-
SHA256
0ef9750fc229e63524e488c690fcba909187c777f46a5c165b839a755c466b23
-
SHA512
84ffcf8d65f0fff560e8a861ddd6c193381803d8b96e185a3caad55c49ccef09355d5a117188864eedec579202464bb9be7c22400c5b85a58777914c939c16ab
-
SSDEEP
384:E0bUe5XB4e0XEpOjfqSjgkMyWTUtTUFQqz9RObbg:BT9Bu1jiSjeePbg
Malware Config
Extracted
njrat
0.7NC
NYAN CAT
isanachase.duckdns.org:8080
48baaa1d2b1b404
-
reg_key
48baaa1d2b1b404
-
splitter
@!#&^%$
Signatures
-
Njrat family
Files
-
a995f654512c7d95ddb62ab82f260f60.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 672B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ