njrat | a3f5e8a5778f32960f8574cb4b5023a8f5a9b032b26965f6d1349cfd0e344bbe | Triage

Submit
Reports

Overview

overview

Static

static

a3f5e8a577...be.exe

windows7-x64

a3f5e8a577...be.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a3f5e8a5778f32960f8574cb4b5023a8f5a9b032b26965f6d1349cfd0e344bbe.exe

Resource

win7-20221111-en

njrat hacked evasion persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

a3f5e8a5778f32960f8574cb4b5023a8f5a9b032b26965f6d1349cfd0e344bbe.exe

Resource

win10v2004-20220812-en

njrat hacked evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

a3f5e8a5778f32960f8574cb4b5023a8f5a9b032b26965f6d1349cfd0e344bbe
Size

23KB
MD5

b00b88095d25002f90f971d2e3a4ef5b
SHA1

581ffa4c1169ac03868c77db24b507053593e136
SHA256

a3f5e8a5778f32960f8574cb4b5023a8f5a9b032b26965f6d1349cfd0e344bbe
SHA512

1da2819669b894004d302ed51a5ce65385400bc359dc3a92558efabc79fc1ec65c24d97a47c466a2c1aa91c2d0e5d62df8f2b3c54d779fb18ee3ae04c5253976
SSDEEP

384:MQ+ILgIbOprgPsUOSU0kB1kd6dg7GYh/JomRvR6JZlbw8hqIusZzZMC:fLL6MVU0NRpcnuo

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

noxx.no-ip.biz:5552

Mutex

1dda34b269e6e7b2e93b033b8320d44b

Attributes

reg_key
1dda34b269e6e7b2e93b033b8320d44b
splitter
|'|'|

Signatures

Njrat family
njrat

Files

a3f5e8a5778f32960f8574cb4b5023a8f5a9b032b26965f6d1349cfd0e344bbe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy