njrat | cbb23452a3f6fda9fb7a8615e602fe80ccdc87cacc3b0697c7b6424ceb8562fd | Triage

Submit
Reports

Overview

overview

Static

static

cbb23452a3...fd.exe

windows7-x64

cbb23452a3...fd.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cbb23452a3f6fda9fb7a8615e602fe80ccdc87cacc3b0697c7b6424ceb8562fd.exe

Resource

win7-20221111-en

njrat egi evasion persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

cbb23452a3f6fda9fb7a8615e602fe80ccdc87cacc3b0697c7b6424ceb8562fd.exe

Resource

win10v2004-20220812-en

njrat egi evasion persistence trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

cbb23452a3f6fda9fb7a8615e602fe80ccdc87cacc3b0697c7b6424ceb8562fd
Size

23KB
MD5

ea395bb6be618d0c34cb8a23ae7d9274
SHA1

f03cdd6c3d7ae2a74b0a17b382ed5db518d6ab99
SHA256

cbb23452a3f6fda9fb7a8615e602fe80ccdc87cacc3b0697c7b6424ceb8562fd
SHA512

9e1e8d1bf8fe867c71742d5a9ff628cbc56e7060fe93b8a21d77c130532b034aec2560fead7260b4d43d99313dca8875d5195e278d9d2349d18170afb962b35b
SSDEEP

384:fc6CqbFYh3odrVCGiHssDB4b6i6fgpEupNXRmRvR6JZlbw8hqIusZzZcsJ:EIU0tw3RpcnunQ

Score

10^/10

egi njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Egi

C2

shicogenius1.no-ip.biz:5552

Mutex

99cb4e4f1dee203bc2e54d8f048d3ded

Attributes

reg_key
99cb4e4f1dee203bc2e54d8f048d3ded
splitter
|'|'|

Signatures

Njrat family
njrat

Files

cbb23452a3f6fda9fb7a8615e602fe80ccdc87cacc3b0697c7b6424ceb8562fd
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy