njrat | bEG2[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

bEG2.exe

windows7-x64

8

bEG2.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bEG2.exe

Resource

win7-20220901-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

bEG2.exe

Resource

win10v2004-20220812-en

njrat evasion trojan

windows10-2004-x64

4 signatures

150 seconds

General

Target

bEG2.exe
Size

23KB
MD5

c84b5aa41ceb238a9b328e4521c2903d
SHA1

6f75576e35f98544a7b938015a74498700aaacef
SHA256

5ac858d76e8ff1f69dc3cc87f6fe63c705e73b91141468c2959aebaebeeeb5ed
SHA512

0be8b058c02fe9429d5a742c859d4bf6b8f0a3fa78916d4be505d20e1a9eeb2e0f58a6aa3f7ea7d5b103465e3bd061ae21a7b30f27a48bdccc5b7a4bce2107e2
SSDEEP

384:ZweXCQIreJig/8Z7SS1fEBpng6tgL2IBPZVmRvR6JZlbw8hqIusZzZTH:eLq411eRpcnuk

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

windowsii.duckdns.org:5552

Mutex

85faf5c90182f6391d389f3f4afec300

Attributes

reg_key
85faf5c90182f6391d389f3f4afec300
splitter
|'|'|

Signatures

Njrat family
njrat

Files

bEG2.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy