njrat | b9891a402fda1132df04dcbeb978c13a[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

b9891a402f...3a.exe

windows7-x64

b9891a402f...3a.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b9891a402fda1132df04dcbeb978c13a.exe

Resource

win7-20221111-en

njrat hacked evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

b9891a402fda1132df04dcbeb978c13a.exe

Resource

win10v2004-20220812-en

njrat hacked evasion persistence trojan

windows10-2004-x64

12 signatures

150 seconds

General

Target

b9891a402fda1132df04dcbeb978c13a.exe
Size

37KB
MD5

b9891a402fda1132df04dcbeb978c13a
SHA1

1408b5fb5d5ce0903c23cb174f3c10066d221079
SHA256

21d8a908a4557c58af6fd8487fbe360c6b6ee15de7dee9d31912b18d0936761c
SHA512

542fcfe3dadcf8a00ed8a81354d90fb6ddf9e88c3e5cd92395c93ceaadfe9d235b28ffeaf64a228afc902be1476736e05b61ed545432b5508b08c0f11211e540
SSDEEP

384:zmIjrUiS6L1G5k2gyk/8If5e/QUZSVprAF+rMRTyN/0L+EcoinblneHQM3epzXKV:jjz32bk/8IQYUZSrrM+rMRa8Nu0vXt

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

2.tcp.eu.ngrok.io:15986

Mutex

198d41d5fe2cbc3d7b66a9e7a223f914

Attributes

reg_key
198d41d5fe2cbc3d7b66a9e7a223f914
splitter
|'|'|

Signatures

Njrat family
njrat

Files

b9891a402fda1132df04dcbeb978c13a.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy