Behavioral task: behavioral1
Sample: bEG2.exe
Resource: win7-20220901-en
General
Target: bEG2.exe
Size: 23KB
MD5: c84b5aa41ceb238a9b328e4521c2903d
SHA1: 6f75576e35f98544a7b938015a74498700aaacef
SHA256: 5ac858d76e8ff1f69dc3cc87f6fe63c705e73b91141468c2959aebaebeeeb5ed
SHA512: 0be8b058c02fe9429d5a742c859d4bf6b8f0a3fa78916d4be505d20e1a9eeb2e0f58a6aa3f7ea7d5b103465e3bd061ae21a7b30f27a48bdccc5b7a4bce2107e2
SSDEEP: 384:ZweXCQIreJig/8Z7SS1fEBpng6tgL2IBPZVmRvR6JZlbw8hqIusZzZTH:eLq411eRpcnuk
Malware Config
Extracted
njrat
0.7d
HacKed
windowsii.duckdns.org:5552
85faf5c90182f6391d389f3f4afec300
reg_key: 85faf5c90182f6391d389f3f4afec300
splitter: |'|'|
Signatures
Njrat family
Files
bEG2.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ