njrat | 0x000600000000b2d2-55[.]dat | Triage

Submit
Reports

Overview

overview

Static

static

0x00060000...55.exe

windows7-x64

0x00060000...55.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0x000600000000b2d2-55.exe

Resource

win7-20220812-en

njrat hacked evasion trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

0x000600000000b2d2-55.exe

Resource

win10v2004-20220901-en

njrat hacked evasion trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

0x000600000000b2d2-55.dat
Size

37KB
MD5

26519b81ab0c5400711598dab3492da4
SHA1

b28cd0ed6a3af783bddb83c2f2444902335c13a9
SHA256

553765cd10aca67763bfc1c158b143c34769fad1c0e826df511024ea6dce1409
SHA512

677fc384a8b03142fd3f9d4577b34b97b30ad430d96768c6e9d18ac9df8d3e859b77cc38e85d78e1288caa7c34fc7415e0895f8aaeeb6214527497b11e5b8e2c
SSDEEP

384:K0Lj99kitkZf5W9cTYXyc/jZMM6zffknvUBvrAF+rMRTyN/0L+EcoinblneHQM3a:V9qjjTYic/jW0vUxrM+rMRa8NuNxt

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

0.tcp.eu.ngrok.io:11177

Mutex

c6e1be96541084b1f53de49f469e8523

Attributes

reg_key
c6e1be96541084b1f53de49f469e8523
splitter
|'|'|

Signatures

Njrat family
njrat

Files

0x000600000000b2d2-55.dat
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy