njrat | c3d86be4c819fd57666392a4110b3c2b63c62e6d7e7d8487fac9b6af9000b985 | Triage

Submit
Reports

Overview

overview

Static

static

c3d86be4c8...85.exe

windows7-x64

c3d86be4c8...85.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c3d86be4c819fd57666392a4110b3c2b63c62e6d7e7d8487fac9b6af9000b985.exe

Resource

win7-20220812-en

njrat saa evasion persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

c3d86be4c819fd57666392a4110b3c2b63c62e6d7e7d8487fac9b6af9000b985.exe

Resource

win10v2004-20220812-en

njrat saa evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

c3d86be4c819fd57666392a4110b3c2b63c62e6d7e7d8487fac9b6af9000b985
Size

23KB
MD5

a2a7bb1ebd2d5f4fcf2b91c64a908c90
SHA1

d65c6be431bcb7bad6f5a661be7cc6620a9c147f
SHA256

c3d86be4c819fd57666392a4110b3c2b63c62e6d7e7d8487fac9b6af9000b985
SHA512

92579aa94f27950930d73897ca96e29bcbf47aef98b491245c940d5466158611b7b0d2362ec8cdc686149baca157386f2dd37b0f5366e54031218c4e07cf2093
SSDEEP

384:5c6ze6e1PAhJVzC3tC1im/BsTx46PgZ0rap9HBmRvR6JZlbw8hqIusZzZJF2:re9EJLN/yRpcnuZ

Score

10^/10

saa njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

saa

C2

samirsamir12.no-ip.biz:5553

Mutex

bc4a3ea056f5cd2b412a84f3e109d2de

Attributes

reg_key
bc4a3ea056f5cd2b412a84f3e109d2de
splitter
|'|'|

Signatures

Njrat family
njrat

Files

c3d86be4c819fd57666392a4110b3c2b63c62e6d7e7d8487fac9b6af9000b985
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy