Behavioral task
behavioral1
Sample
34cbec829cf1fb0e161ac5251fa010bc1e9222bc4d1795b4123f15e64d22bb96.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
34cbec829cf1fb0e161ac5251fa010bc1e9222bc4d1795b4123f15e64d22bb96.exe
Resource
win10v2004-20220812-en
General
-
Target
34cbec829cf1fb0e161ac5251fa010bc1e9222bc4d1795b4123f15e64d22bb96
-
Size
25KB
-
MD5
9145009fb8003247935fed666198fa00
-
SHA1
091adf513d197bb56781f8e949ef33e1cc55347a
-
SHA256
34cbec829cf1fb0e161ac5251fa010bc1e9222bc4d1795b4123f15e64d22bb96
-
SHA512
3617c89f71a81bde0b3cde75de172f42a4e406197f09216ebba5ec1f7e7c6783d633e78b3af5cf57b47108a1241b6de6f941c7ad47f5a6e7b4f55c48010d9569
-
SSDEEP
384:tHoWSkWHa55BgDVRGipkItzY6vZg36Eh7FpmRvR6JZlbw8hqIusZzZm3kYIkIMDz:tgJuk9pHRpcnu1UYIkRDz
Malware Config
Extracted
njrat
0.7d
AnonymousTunisie
gta5.no-ip.info:1177
2cf313484d72c963e88379a311ae7bdb
-
reg_key
2cf313484d72c963e88379a311ae7bdb
-
splitter
|'|'|
Signatures
-
Njrat family
Files
-
34cbec829cf1fb0e161ac5251fa010bc1e9222bc4d1795b4123f15e64d22bb96.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ