njrat | Server[.]bin[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

Server.bin.zip

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Server.bin.zip

Resource

win10v2004-20220812-en

azorult njrat pony raccoon socelars hacked collection discovery evasion infostealer persistence rat spyware stealer themida trojan vmprotect

windows10-2004-x64

66 signatures

1800 seconds

General

Target

Server.bin.zip
Size

17KB
MD5

2865b48c4036a5df570e850d34ff2fcb
SHA1

f199bbb4be0f212fb867c2481be1b016dbb4fa37
SHA256

7e0a04de4606954e63d8797d719a01d12fdc986e26719ae0bd97b20434855a69
SHA512

5ca1fa70d99e07368b63def7eafff20743825f5b60257cb3cd9e43b1bce57d1e2798de6004af8aa584c9deeb9fcfa1582b2759280ddc5440e00c018c21c3a173
SSDEEP

384:n/U2O21GTJ41TQfzlMX47Mqj8Ydt4TA5XjdG/u3:JOki6UZMIYc88MMXjMA

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

palat223.ddns.net:43486

Mutex

Windows Update

Attributes

reg_key
Windows Update
splitter
|Hassan|

Signatures

Njrat family
njrat

Files

Server.bin.zip
.zip

Password: infected
Server.bin
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy