njrat | 4b8afbb20211c850a22c6767eb3c14b0aab0083a5c76bb190fc1a63a6520ebda | Triage

Submit
Reports

Overview

overview

Static

static

4b8afbb202...da.exe

windows7-x64

4b8afbb202...da.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4b8afbb20211c850a22c6767eb3c14b0aab0083a5c76bb190fc1a63a6520ebda.exe

Resource

win7-20220901-en

njrat hhhh_:d evasion persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

4b8afbb20211c850a22c6767eb3c14b0aab0083a5c76bb190fc1a63a6520ebda.exe

Resource

win10v2004-20220812-en

njrat hhhh_:d evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

4b8afbb20211c850a22c6767eb3c14b0aab0083a5c76bb190fc1a63a6520ebda
Size

23KB
MD5

0c4a8e8f1f594c7f45b670436a3d6f34
SHA1

bb27da2936e13fcca8617fe5d380a30ac1035d9b
SHA256

4b8afbb20211c850a22c6767eb3c14b0aab0083a5c76bb190fc1a63a6520ebda
SHA512

3f7d7f98299fdd96a9c7b82ef6e9e8e30fe665e9720047f3cc1aa5cabad5c5ba802236b49266a4049f39a1d867f54ffea7902f0cb8a5e226946674b7f9134ed1
SSDEEP

384:H8aSyS9gB3Y1KIay2X8cLZI6XgxsGJVPpmRvR6JZlbw8hqIusZzZ0U5l:8589tXvRpcnu/UD

Score

10^/10

hhhh_:d njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Hhhh_:D

C2

lokmane88.ddns.net:9991

Mutex

6388cb4b78441e2ccedbc06f55b0d1c8

Attributes

reg_key
6388cb4b78441e2ccedbc06f55b0d1c8
splitter
|'|'|

Signatures

Njrat family
njrat

Files

4b8afbb20211c850a22c6767eb3c14b0aab0083a5c76bb190fc1a63a6520ebda
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy