njrat | 1d8585fe6568fab26795e38f589e75c0b8dc58c20aec081ab6b73f290bc7111c | Triage

Submit
Reports

Overview

overview

Static

static

1d8585fe65...1c.exe

windows7-x64

1d8585fe65...1c.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1d8585fe6568fab26795e38f589e75c0b8dc58c20aec081ab6b73f290bc7111c.exe

Resource

win7-20221111-en

njrat wf evasion persistence trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

1d8585fe6568fab26795e38f589e75c0b8dc58c20aec081ab6b73f290bc7111c.exe

Resource

win10v2004-20221111-en

njrat wf evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

1d8585fe6568fab26795e38f589e75c0b8dc58c20aec081ab6b73f290bc7111c
Size

29KB
MD5

6a05cbb2488da8c0377ca5ab5ad08090
SHA1

47614159ab275f9e274082e3a5531dd0f6ca6025
SHA256

1d8585fe6568fab26795e38f589e75c0b8dc58c20aec081ab6b73f290bc7111c
SHA512

83db9f5f09dbd44232e3aa52de5ec3f6f9743c344a0890ed9629958b864b8a4788748c121b3ab126ee4985a54a0de7cdc646985a57ba3d5cbaf3e55adf0ee17f
SSDEEP

768:Y2u75oa4fu124AqFjXeJBKh0p29SgROrP:s75CPkj8KhG29jOrP

Score

10^/10

wf njrat

Malware Config

Extracted

Family

njrat

Version

0.6.4

Botnet

wf

C2

gta5lohi.ddns.net:9999

Mutex

23556fb1360f366337f97c924e76ead3

Attributes

reg_key
23556fb1360f366337f97c924e76ead3
splitter
|'|'|

Signatures

Njrat family
njrat

Files

1d8585fe6568fab26795e38f589e75c0b8dc58c20aec081ab6b73f290bc7111c
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy