njrat | ae2eb6d61e418e45159c477b22725482955b85681ca6b3b76a837112ff221a16 | Triage

Submit
Reports

Overview

overview

Static

static

ae2eb6d61e...16.exe

windows7-x64

ae2eb6d61e...16.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ae2eb6d61e418e45159c477b22725482955b85681ca6b3b76a837112ff221a16.exe

Resource

win7-20220812-en

njrat ahlem evasion persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

ae2eb6d61e418e45159c477b22725482955b85681ca6b3b76a837112ff221a16.exe

Resource

win10v2004-20220812-en

njrat ahlem evasion persistence trojan

windows10-2004-x64

8 signatures

150 seconds

General

Target

ae2eb6d61e418e45159c477b22725482955b85681ca6b3b76a837112ff221a16
Size

23KB
MD5

54231b462ee544a9b04f67e3edb45402
SHA1

3b0b3ab0ac55b51253fb3fb38ea3e7ff4cb5acbd
SHA256

ae2eb6d61e418e45159c477b22725482955b85681ca6b3b76a837112ff221a16
SHA512

73b508061760be67a2ae8e9ac4fa450cf46ffc5a2df9e43ce83c338f92ca3981635eda0d0169fa009e223ca2a059adeea51f8fb4e2a03ffd104515860ea23fc2
SSDEEP

384:xsqS+ER6vRKXGYKRWVSujUtX9w6Dglo61Z5QQmRvR6JZlbw8hqIusZzZ+13:Kf65K2Yf1jERpcnuPd

Score

10^/10

ahlem njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

ahlem

C2

omezzine.no-ip.biz:81

Mutex

0d9c5c61bceb827fc74ac3bc57a82c44

Attributes

reg_key
0d9c5c61bceb827fc74ac3bc57a82c44
splitter
|'|'|

Signatures

Njrat family
njrat

Files

ae2eb6d61e418e45159c477b22725482955b85681ca6b3b76a837112ff221a16
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy