Behavioral task
behavioral1
Sample
Server.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Server.exe
Resource
win10v2004-20220901-en
General
-
Target
4088b02bb140c6c38ee52acc67b8d93ffa65201b71d1a00bd551c3232c4cde34
-
Size
12KB
-
MD5
34c3c972f1582c1268a8cc591e0d3507
-
SHA1
47123eb18b5db161f503d05903d19e9ea44e1a4b
-
SHA256
4088b02bb140c6c38ee52acc67b8d93ffa65201b71d1a00bd551c3232c4cde34
-
SHA512
b4f471915fdd76fe4a93a1f084bd893027ddb3ed30bc6fe7671bcdb227fe5f24c2e5b7fd5f64fdc7763ea8c4140f3d3f7db4b6ec6c63c37c3677e1e090920a66
-
SSDEEP
384:IcCTXB/aAHlMfzXPfFi8IfxPcHXX99vmjIfRrUyI:mXBsfzX48a+blfRQZ
Malware Config
Extracted
njrat
0.6.4
HacKed
127.0.0.1:1177
5cd8f17f4086744065eb0992a09e05a2
-
reg_key
5cd8f17f4086744065eb0992a09e05a2
-
splitter
|'|'|
Signatures
-
Njrat family
Files
-
4088b02bb140c6c38ee52acc67b8d93ffa65201b71d1a00bd551c3232c4cde34.rar
-
Server.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ