njrat | 8519de78c19f8ae3a77c3d9ffadbf89a92fe28e002a762f35db3e9ce0611d165 | Triage

Submit
Reports

Overview

overview

Static

static

8519de78c1...65.exe

windows7-x64

8519de78c1...65.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8519de78c19f8ae3a77c3d9ffadbf89a92fe28e002a762f35db3e9ce0611d165.exe

Resource

win7-20220812-en

njrat explorer evasion persistence trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

8519de78c19f8ae3a77c3d9ffadbf89a92fe28e002a762f35db3e9ce0611d165.exe

Resource

win10v2004-20220812-en

njrat explorer evasion persistence trojan

windows10-2004-x64

10 signatures

150 seconds

General

Target

8519de78c19f8ae3a77c3d9ffadbf89a92fe28e002a762f35db3e9ce0611d165
Size

44KB
MD5

19bf748bfb8b8971c6101e94f7a9698f
SHA1

2c771504cb451608712999e15c4e235cc610f9c3
SHA256

8519de78c19f8ae3a77c3d9ffadbf89a92fe28e002a762f35db3e9ce0611d165
SHA512

cbb24c6e84eb6e77fe61f12c020ec604e3a063fbcfca3d9553ca409c6d125c3d254af42381975e469e076f8adee9279a4dfb5b87550396a77af2135bb1ddbb56
SSDEEP

768:m7nMsanZRnQqIXeOBKh0p29SgRhxYDGe6Ye:m7nkQx/KhG29jhxYDn

Score

10^/10

explorer njrat

Malware Config

Extracted

Family

njrat

Version

0.6.4

Botnet

explorer

C2

mimo-salah.bo-ip.biz:1177

Mutex

ed6e2bf930f6d35b3ac57c049d10ac2c

Attributes

reg_key
ed6e2bf930f6d35b3ac57c049d10ac2c
splitter
|'|'|

Signatures

Njrat family
njrat

Files

8519de78c19f8ae3a77c3d9ffadbf89a92fe28e002a762f35db3e9ce0611d165
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy