njrat | 9a3a900bb72fb435b213093c5d757ccf29f387d3ef59b79f360d8ede7bc40a8a | Triage

Submit
Reports

Overview

overview

Static

static

9a3a900bb7...8a.exe

windows7-x64

9a3a900bb7...8a.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

nj-boyشير ايرث لنك njrat

1 signatures

Behavioral task

behavioral1

Sample

9a3a900bb72fb435b213093c5d757ccf29f387d3ef59b79f360d8ede7bc40a8a.exe

Resource

win7-20220812-en

njrat nj-boyشير ايرث لنك evasion persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

9a3a900bb72fb435b213093c5d757ccf29f387d3ef59b79f360d8ede7bc40a8a.exe

Resource

win10v2004-20220901-en

njrat nj-boyشير ايرث لنك evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

9a3a900bb72fb435b213093c5d757ccf29f387d3ef59b79f360d8ede7bc40a8a
Size

387KB
MD5

32a3596e5786c214d7f6996408359c4e
SHA1

3bd4a962af09cfef43fa1e50ce33d2d1967a4bb0
SHA256

9a3a900bb72fb435b213093c5d757ccf29f387d3ef59b79f360d8ede7bc40a8a
SHA512

a259968643339ee1783ea59e5c474668f0e1962da3995ee06507f6a05091401abd49481688c02ccad98ab1abbbdea5f54d745ddb8466e35b86f511bb02e5cd4b
SSDEEP

3072:AD2bP0edvBooLVyqtlndzMyKPVHvLthh/xLDAluVY8hLGhTQzmRMUCvCoq9G1W:ASd/Zlld4hLGhTQKRMnvj

Score

10^/10

nj-boyشير ايرث لنك njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

NJ-BOYشير ايرث لنك

C2

wawe2014.linkpc.net:1222

Mutex

c3991e87e90d7e52140a05ad49fb8921

Attributes

reg_key
c3991e87e90d7e52140a05ad49fb8921
splitter
|'|'|

Signatures

Njrat family
njrat

Files

9a3a900bb72fb435b213093c5d757ccf29f387d3ef59b79f360d8ede7bc40a8a
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy