Behavioral task
behavioral1
Sample
057d62261912947a1f18f01aa7afd23f.exe
Resource
win7-20220812-en
General
-
Target
057d62261912947a1f18f01aa7afd23f.exe
-
Size
37KB
-
MD5
057d62261912947a1f18f01aa7afd23f
-
SHA1
31a7eb1006791f6e9ce3f92bf4c6df4cbf2b2a26
-
SHA256
0633a748ff46014de54f04842b330746f815c669a1f6074e8beaec6b07f51937
-
SHA512
7393f6d8ee85cc17b8a9bb0cd34c3dc1f81babf3febece1c8125e37b03044455f3081677ee3f5f730195209f8c35cd14e6692892ee36532bc938321b77570939
-
SSDEEP
384:AkqIiuVjtD+P3V+y0bf2TKtvN4suKfdrAF+rMRTyN/0L+EcoinblneHQM3epzXHz:DNmV10bf2TKtClK1rM+rMRa8Nu5xt
Malware Config
Extracted
njrat
im523
HacKed
8.tcp.ngrok.io:10195
e5fb6e8df0343904c919e4379c7d6680
-
reg_key
e5fb6e8df0343904c919e4379c7d6680
-
splitter
|'|'|
Signatures
-
Njrat family
Files
-
057d62261912947a1f18f01aa7afd23f.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ