njrat | e8c5ae21497796bbb296b0e01ab743739f15153a0059bb4709cf7eba2a3a31bc | Triage

Submit
Reports

Overview

overview

Static

static

e8c5ae2149...bc.exe

windows7-x64

e8c5ae2149...bc.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e8c5ae21497796bbb296b0e01ab743739f15153a0059bb4709cf7eba2a3a31bc.exe

Resource

win7-20220812-en

njrat rbgrbg evasion persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

e8c5ae21497796bbb296b0e01ab743739f15153a0059bb4709cf7eba2a3a31bc.exe

Resource

win10v2004-20220812-en

njrat rbgrbg evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

e8c5ae21497796bbb296b0e01ab743739f15153a0059bb4709cf7eba2a3a31bc
Size

23KB
MD5

45c2097b3e02593577bc6bd4705aa590
SHA1

79cbaa62c0c129471435a8af5eefc7831c3a235b
SHA256

e8c5ae21497796bbb296b0e01ab743739f15153a0059bb4709cf7eba2a3a31bc
SHA512

a1cda5b41db6e8b7af7ec59942b25c00c42d57407ca35f83130f19ebea1b57e9ae8002966fdee171e37876cb1cd845c1f40268f7caddb0e430670efc09f44332
SSDEEP

384:KMKyOkBkRbohza8yuTUtZu06cgV4a5pzomRvR6JZlbw8hqIusZzZkt:l/YI1TDRpcnuv

Score

10^/10

rbgrbg njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

rbgrbg

C2

rbg.no-ip.biz:4430

Mutex

9ad8e131ea8eb55212ed9bdba208c728

Attributes

reg_key
9ad8e131ea8eb55212ed9bdba208c728
splitter
|'|'|

Signatures

Njrat family
njrat

Files

e8c5ae21497796bbb296b0e01ab743739f15153a0059bb4709cf7eba2a3a31bc
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy