njrat | f4c4ce3c56856860433897939b5d9751019f03c6df7f193846f615c6d7cd877b | Triage

Submit
Reports

Overview

overview

Static

static

f4c4ce3c56...7b.exe

windows7-x64

f4c4ce3c56...7b.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f4c4ce3c56856860433897939b5d9751019f03c6df7f193846f615c6d7cd877b.exe

Resource

win7-20220812-en

njrat vitima evasion persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

f4c4ce3c56856860433897939b5d9751019f03c6df7f193846f615c6d7cd877b.exe

Resource

win10v2004-20220812-en

njrat vitima evasion persistence trojan

windows10-2004-x64

8 signatures

150 seconds

General

Target

f4c4ce3c56856860433897939b5d9751019f03c6df7f193846f615c6d7cd877b
Size

23KB
MD5

49247bebaabc9ff6c17ed70ff8b702d0
SHA1

96f1f2f1fc03ae305b2d683586c1d2f3f92fc8f5
SHA256

f4c4ce3c56856860433897939b5d9751019f03c6df7f193846f615c6d7cd877b
SHA512

c88e3d731f4306ddd66a1a3c07b56244c9f27e780fc03a5b569252ebd69558a3715227bad6cbfb33aef2f201778316f4fce28491fdada72a5df46e623182de10
SSDEEP

384:lHQeCo2zmZbQHkJeCdUwBvQ61gjuQBnB9mRvR6JZlbw8hqIusZzZ56:lY5yBVd7RpcnuD

Score

10^/10

vitima njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Vitima

C2

thiagoman.no-ip.org:1177

Mutex

fbe9773990c63060495a1d22f0200106

Attributes

reg_key
fbe9773990c63060495a1d22f0200106
splitter
|'|'|

Signatures

Njrat family
njrat

Files

f4c4ce3c56856860433897939b5d9751019f03c6df7f193846f615c6d7cd877b
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy