njrat | 8ef8461d111d250cb517058470d30ac01fd3d00334c8314361ee313d0afb4a75 | Triage

Submit
Reports

Overview

overview

Static

static

8ef8461d11...75.exe

windows7-x64

8ef8461d11...75.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8ef8461d111d250cb517058470d30ac01fd3d00334c8314361ee313d0afb4a75.exe

Resource

win7-20220812-en

njrat hacked evasion persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

8ef8461d111d250cb517058470d30ac01fd3d00334c8314361ee313d0afb4a75.exe

Resource

win10v2004-20220812-en

njrat hacked evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

8ef8461d111d250cb517058470d30ac01fd3d00334c8314361ee313d0afb4a75
Size

23KB
MD5

d0c8e3847ba8d63c92e83a2d8ca98f10
SHA1

73b450f74aabd20bad4042eb34b427d27aba2edf
SHA256

8ef8461d111d250cb517058470d30ac01fd3d00334c8314361ee313d0afb4a75
SHA512

d958bde796d08f326392300a9a2f9d952a4af2757257c588d578c2d96279d29e0eae1da94a5bdeb63e0a2e454bee660faf5a7dd41e0e8d62c03278de0b246acc
SSDEEP

384:n+n2650N3qZbATcjRGC5Eo9D46BgnqUhay1ZmRvR6JZlbw8hqIusZzZjz:Am+71d5XRpcnuU

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

mosratos.no-ip.biz:1177

Mutex

b9f5c291ed6c09c853ddde27af283cfd

Attributes

reg_key
b9f5c291ed6c09c853ddde27af283cfd
splitter
|'|'|

Signatures

Njrat family
njrat

Files

8ef8461d111d250cb517058470d30ac01fd3d00334c8314361ee313d0afb4a75
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy