njrat | eae8a9d135638f3b4c7560ca4a77a21dbaee71cae253e09dadad277d2c209c1c | Triage

Submit
Reports

Overview

overview

Static

static

eae8a9d135...1c.exe

windows7-x64

eae8a9d135...1c.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

eae8a9d135638f3b4c7560ca4a77a21dbaee71cae253e09dadad277d2c209c1c.exe

Resource

win7-20220812-en

njrat vitima evasion persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

eae8a9d135638f3b4c7560ca4a77a21dbaee71cae253e09dadad277d2c209c1c.exe

Resource

win10v2004-20220812-en

njrat vitima evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

eae8a9d135638f3b4c7560ca4a77a21dbaee71cae253e09dadad277d2c209c1c
Size

23KB
MD5

91bcfd8924d32c584e232c0cd990e4a0
SHA1

da34c3ef5f8a83198d51327e46af6a698d8b4df9
SHA256

eae8a9d135638f3b4c7560ca4a77a21dbaee71cae253e09dadad277d2c209c1c
SHA512

731d602fab4bf23ba5d4c0d0ace83a43a25c983dfa8857a2e1a63fa7acb76500299ea67e61c9e8e06a0bdd222ee1737a0ce13c3266c3172cbadbb1b71e280a65
SSDEEP

384:hsqCm6yocx/Yp7jemiO0nd08/VQ6bgNQC5h7tmRvR6JZlbw8hqIusZzZXr:aSoQA6mlcrRpcnuQ

Score

10^/10

vitima njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Vitima

C2

deidaranjrat.no-ip.org:81

Mutex

87a308d83c0aaf6165abf0673f7a10e4

Attributes

reg_key
87a308d83c0aaf6165abf0673f7a10e4
splitter
|'|'|

Signatures

Njrat family
njrat

Files

eae8a9d135638f3b4c7560ca4a77a21dbaee71cae253e09dadad277d2c209c1c
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy