njrat | b479e89bcba2e01999cf970e8be89050b8509f583d7a77eb635b6db73f01834e | Triage

Submit
Reports

Overview

overview

Static

static

b479e89bcb...4e.exe

windows7-x64

b479e89bcb...4e.exe

windows10-2004-x64

Sharing

Static task

static1

►€☼ ѓšħǎǎǎǎŝħ ☼€njrat

1 signatures

Behavioral task

behavioral1

Sample

b479e89bcba2e01999cf970e8be89050b8509f583d7a77eb635b6db73f01834e.exe

Resource

win7-20220901-en

njrat ►€☼ ѓšħǎǎǎǎŝħ ☼€evasion persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

b479e89bcba2e01999cf970e8be89050b8509f583d7a77eb635b6db73f01834e.exe

Resource

win10v2004-20220812-en

njrat ►€☼ ѓšħǎǎǎǎŝħ ☼€evasion persistence trojan

windows10-2004-x64

8 signatures

150 seconds

General

Target

b479e89bcba2e01999cf970e8be89050b8509f583d7a77eb635b6db73f01834e
Size

23KB
MD5

47b9f5c5ddc0ab6a5ddfecbf96755660
SHA1

287717f919210e1141d429cee38de26433042fd2
SHA256

b479e89bcba2e01999cf970e8be89050b8509f583d7a77eb635b6db73f01834e
SHA512

853fe93afb51aca7c378c0991aa242c84775dcb7dfb41cba2b672818f165738c048b7c116605f8dda261e0255befe3c7f7fd48b147fb4305fbb00ef7cd30fd9d
SSDEEP

384:TnQxMT2NQBuN4lJ4y2JO87po6ngB8WWKf5mRvR6JZlbw8hqIusZzZtU:JIMuhNJjRpcnu9

Score

10^/10

►€☼ ѓšħǎǎǎǎŝħ ☼€njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

►€☼ ЃšĦǎǎǎǎŝĦ ☼€

C2

baypal.no-ip.org:5552

Mutex

38c9a59db1977daebafb03f6c3c15402

Attributes

reg_key
38c9a59db1977daebafb03f6c3c15402
splitter
|'|'|

Signatures

Njrat family
njrat

Files

b479e89bcba2e01999cf970e8be89050b8509f583d7a77eb635b6db73f01834e
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy