njrat | 25d99b364324b81ed9a1eac70930e6cc4b07dde8a9464e1b90b4918537f83413 | Triage

Submit
Reports

Overview

overview

Static

static

25d99b3643...13.exe

windows7-x64

25d99b3643...13.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

25d99b364324b81ed9a1eac70930e6cc4b07dde8a9464e1b90b4918537f83413.exe

Resource

win7-20220812-en

njrat mu7a evasion persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

25d99b364324b81ed9a1eac70930e6cc4b07dde8a9464e1b90b4918537f83413.exe

Resource

win10v2004-20220812-en

njrat mu7a evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

25d99b364324b81ed9a1eac70930e6cc4b07dde8a9464e1b90b4918537f83413
Size

23KB
MD5

6913b76617517788fe75ce0a04ce9bc0
SHA1

100d1209b9f19883f0bd57fa96c014614b496cb9
SHA256

25d99b364324b81ed9a1eac70930e6cc4b07dde8a9464e1b90b4918537f83413
SHA512

491968bf7fbde6d12761265a84bfc0feb5c9b130e2f45e6cb3d5825c09aa034d55e5c81556551c01bef316b411e35e59b5032216a8af89fb30092937d862b265
SSDEEP

384:pc68yCaUVIhboNgfEimfkNzayS06vg5UhcpxH7ndmRvR6JZlbw8hqIusZzZPi/0+:d873kgNfoaf6ARpcnusiJ

Score

10^/10

mu7a njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Mu7a

C2

mu7a.no-ip.biz:6662

Mutex

8f853bab337de44f68b762e9b54ca8d1

Attributes

reg_key
8f853bab337de44f68b762e9b54ca8d1
splitter
|'|'|

Signatures

Njrat family
njrat

Files

25d99b364324b81ed9a1eac70930e6cc4b07dde8a9464e1b90b4918537f83413
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 575B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy