njrat | 3e357895f89d4cd16c18f8d2b5e2a722[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

3e357895f8...22.exe

windows7-x64

3e357895f8...22.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3e357895f89d4cd16c18f8d2b5e2a722.exe

Resource

win7-20220812-en

njrat tommy212 evasion persistence trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

3e357895f89d4cd16c18f8d2b5e2a722.exe

Resource

win10v2004-20220901-en

njrat tommy212 evasion persistence trojan

windows10-2004-x64

11 signatures

150 seconds

General

Target

3e357895f89d4cd16c18f8d2b5e2a722.exe
Size

37KB
MD5

3e357895f89d4cd16c18f8d2b5e2a722
SHA1

73409edc9f18f3b80d43eaa8dcb7863da3c462fe
SHA256

b34f1a8e219ea6fcb31b03700a19e3cf2288a95f02f8dbb14aa55481b914b7e2
SHA512

4b38f6a122a9e7b4ef5255896ae2bb4d82107d939dfc432ce66b4a67b6a912a4c2fa1ea00cff11237db12761b1d56c3ec525a8aafe7b0dca5a7e77b1d67a5915
SSDEEP

384:xa8jVSikm30NVtv/Vey0bAyHpYsu2DmZrAF+rMRTyN/0L+EcoinblneHQM3epzXS:0YzO1VV0bAymt2krM+rMRa8NuNat

Score

10^/10

tommy212 njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

Tommy212

C2

8.tcp.ngrok.io:15086

Mutex

3d7c682e8005832ba0312c056475b0dd

Attributes

reg_key
3d7c682e8005832ba0312c056475b0dd
splitter
|'|'|

Signatures

Njrat family
njrat

Files

3e357895f89d4cd16c18f8d2b5e2a722.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy