njrat | c02748283f9f2344dd3a878ce6f106d89fe3e501d0934f71c9cd5bb2c659d7aa | Triage

Submit
Reports

Overview

overview

Static

static

hghhghghghg.exe

windows7-x64

hghhghghghg.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

hghhghghghg.exe

Resource

win7-20220812-en

njrat ahmad evasion persistence trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

hghhghghghg.exe

Resource

win10v2004-20220812-en

njrat ahmad evasion persistence trojan

windows10-2004-x64

10 signatures

150 seconds

General

Target

c02748283f9f2344dd3a878ce6f106d89fe3e501d0934f71c9cd5bb2c659d7aa
Size

12KB
MD5

403867ccfa67f89c380a0d1ca43a4ebc
SHA1

ac81a575630b1677c2a030547d1fcd38ca92cf9c
SHA256

c02748283f9f2344dd3a878ce6f106d89fe3e501d0934f71c9cd5bb2c659d7aa
SHA512

dc385e989174d77d47e6fc0a55cc99151337d50676688db4daec3f05734a5f56aeffdf03d8fecce999af096edd2763769133ef845b5bd01d68109c3b15bb7693
SSDEEP

192:zHTh4+YHdD8g+fLwod/cpPDjaQzbAN8S5mFP1XtD8v3sL8UFvoX2qS4wowpVNCha:rG98gx6/ESp8t8v3+8UFvoX2ezo

Score

10^/10

ahmad njrat

Malware Config

Extracted

Family

njrat

Version

0.6.4

Botnet

ahmad

C2

ahmadcecee.ddns.net:80

Mutex

cd9e051ed80df1a0c0b000059793bab8

Attributes

reg_key
cd9e051ed80df1a0c0b000059793bab8
splitter
|'|'|

Signatures

Njrat family
njrat

Files

c02748283f9f2344dd3a878ce6f106d89fe3e501d0934f71c9cd5bb2c659d7aa
.rar
hghhghghghg.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy