njrat | free_donate_mod[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

free_donate_mod.exe

windows7-x64

free_donate_mod.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

пидер njrat

1 signatures

Behavioral task

behavioral1

Sample

free_donate_mod.exe

Resource

win7-20220812-en

njrat пидер evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

free_donate_mod.exe

Resource

win10v2004-20220901-en

njrat пидер evasion persistence trojan

windows10-2004-x64

11 signatures

150 seconds

General

Target

free_donate_mod.exe
Size

37KB
MD5

021710a99ae4be346f2cd0b2f8d6b4eb
SHA1

08805af81cf7ab6378194ea7ffd2f5f73c7cca1d
SHA256

89abd7081183319056f21b720285ff5bcf1d4c29c239a01f994c2aad77b8e1a0
SHA512

ffcfdcae199d4ac23b0fa57447fa837d7577cb6c85ba6ae8a741f031b88ec558f51af7271ba7b1eeb4cd28f775cf8d4aca956b805434ec6cc6c0e2977a7ea1b3
SSDEEP

384:O7IvVSikmj0NVtv/Vey0bkmflcs+SvkrAF+rMRTyN/0L+EcoinblneHQM3epzX4d:C4nO1VV0bkmmVS8rM+rMRa8NuOft

Score

10^/10

пидер njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

пидер

C2

5.tcp.eu.ngrok.io:14307

Mutex

a1856b05b05966a3062ca5b431fd74b1

Attributes

reg_key
a1856b05b05966a3062ca5b431fd74b1
splitter
|'|'|

Signatures

Njrat family
njrat

Files

free_donate_mod.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy