njrat | 1A2F6E7B935912774FC6A0AB84532C3F7B4B532D56983[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

1A2F6E7B93...83.exe

windows7-x64

1A2F6E7B93...83.exe

windows10-2004-x64

Sharing

Static task

static1

svconhost njrat

1 signatures

Behavioral task

behavioral1

Sample

1A2F6E7B935912774FC6A0AB84532C3F7B4B532D56983.exe

Resource

win7-20220812-en

njrat svconhost evasion persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

1A2F6E7B935912774FC6A0AB84532C3F7B4B532D56983.exe

Resource

win10v2004-20220812-en

njrat svconhost evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

1A2F6E7B935912774FC6A0AB84532C3F7B4B532D56983.exe
Size

23KB
MD5

6a3ab57d931467ae9a503d07f04eff6e
SHA1

14ef72765056598521fc90099293a780db8db71a
SHA256

1a2f6e7b935912774fc6a0ab84532c3f7b4b532d56983526ae63ae3186286b96
SHA512

859600c9b2db93a7dede3ad4a9a7ee99b82cf112eef2b1e19ee0c9f00c8fbc80d77e08c73b020cdbab7a5338e1c0c5d6fb22feb099ec1d5574d554b890e68c5e
SSDEEP

384:PV8aZYC9twBNdcvFaly2H0dbJo6HghcASEJqc/ZmRvR6JZlbw8hqIusZzZs6:PdY+sNKqNHnSdRpcnuM

Score

10^/10

svconhost njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Svconhost

C2

0.tcp.ngrok.io:12468

Mutex

39c13a2e2f5c92f943a1c4d228b480de

Attributes

reg_key
39c13a2e2f5c92f943a1c4d228b480de
splitter
|'|'|

Signatures

Njrat family
njrat

Files

1A2F6E7B935912774FC6A0AB84532C3F7B4B532D56983.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy