Behavioral task
behavioral1
Sample
882e02de429cb9f28dbee364485afe3956bc9f7ee1b52e021bcd5d6614e0b4d1.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
882e02de429cb9f28dbee364485afe3956bc9f7ee1b52e021bcd5d6614e0b4d1.exe
Resource
win10v2004-20221111-en
General
-
Target
882e02de429cb9f28dbee364485afe3956bc9f7ee1b52e021bcd5d6614e0b4d1
-
Size
23KB
-
MD5
300030c484a0e5846c01c8a5eb8a0c8d
-
SHA1
31ae9bd60367dea8ba5fdc5fea77afac07e72883
-
SHA256
882e02de429cb9f28dbee364485afe3956bc9f7ee1b52e021bcd5d6614e0b4d1
-
SHA512
39e65aef7cbe47a2ba114748e859b669a85cca61173b01a75f56b2dfc9b072482d330ead0cd2e5c70d64c255af46ba7dc84ea09696e73fcd2cc8c03627dc4dc4
-
SSDEEP
384:l/qUP2x0R4IxVISuI+M/Pdw6jgFI6VeOj1mRvR6JZlbw8hqIusZzZnFL:X4oA1Ic4Rpcnui
Malware Config
Extracted
njrat
0.7d
ş ɑ͠ w̨̐ ☺☺☺ вłɑ͠c̝̚Ķ
dzsaw10.no-ip.biz:55553
4526c2cf151360c0d11ddeeb9772e52a
-
reg_key
4526c2cf151360c0d11ddeeb9772e52a
-
splitter
|'|'|
Signatures
-
Njrat family
Files
-
882e02de429cb9f28dbee364485afe3956bc9f7ee1b52e021bcd5d6614e0b4d1.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ