Behavioral task
behavioral1
Sample
120a5cee18180b9a03c42a10838f6bc0c9d7b56ec7577c06d3fa7ee26880a3a8.exe
Resource
win7-20220812-en
General
-
Target
120a5cee18180b9a03c42a10838f6bc0c9d7b56ec7577c06d3fa7ee26880a3a8
-
Size
23KB
-
MD5
4557561846d25c2171daafdfda7efdcc
-
SHA1
e3af900697ad3727b568d1a708590768154061f1
-
SHA256
120a5cee18180b9a03c42a10838f6bc0c9d7b56ec7577c06d3fa7ee26880a3a8
-
SHA512
811db372b2f1e1790f4989fb878373e1fc0da4bac3a506564a04637f73bbfcae0737d27548adc12cf3d2623a0f9734853e7f7912ea686d490825008d134b688c
-
SSDEEP
384:EQGwz6+T4IjWZFNwXU0eiNUBdvt6lgT+lLOhXxQmRvR6JZlbw8hqIusZzZdW:EYTbC81NgRpcnu/
Malware Config
Extracted
njrat
0.7d
HacKed
194.58.97.191:80
3254ed499a1b2f35bae95f6b78697a78
-
reg_key
3254ed499a1b2f35bae95f6b78697a78
-
splitter
|'|'|
Signatures
-
Njrat family
Files
-
120a5cee18180b9a03c42a10838f6bc0c9d7b56ec7577c06d3fa7ee26880a3a8.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ