njrat | bI5I[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

bI5I.exe

windows7-x64

Resubmissions

04-01-2023 16:49

230104-vbm8racc4z 10

04-01-2023 12:54

230104-p49pkaff72 10

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bI5I.exe

Resource

win7-20220812-en

njrat hacked trojan

windows7-x64

3 signatures

150 seconds

General

Target

bI5I.exe
Size

25KB
MD5

6e09d0b1cab55f424bfe35bc8506b731
SHA1

96686edf4bcc7b9d6a4f2fc4d4090f636291b13a
SHA256

3099206cb7db28552e5614d387e390516eb193259b400c2f6c9197e3d509b592
SHA512

f8e3a93cb5651641b61528b59d05a6e4645eb8db236dd220856cd96aef89c3334fed336b38e42f6dc38e2f67f344cb985fa516a9436394901eeac2f41fc51d53
SSDEEP

384:eLhzkaJcPknNlxlehKNOYUikkdIVYlvM3iY2OzRLTm3yilqq6xpBtVvZ:IK0cu3reOELGlvqisFBVvZ

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

0.7d By Pjoao1578

Botnet

HacKed

C2

https://pastebin.com/raw/H9hfZYSE:7000

Mutex

6a2634340fbf8a0a2c038c6263d49fd1

Attributes

reg_key
6a2634340fbf8a0a2c038c6263d49fd1
splitter
|'|'|

Signatures

Njrat family
njrat

Files

bI5I.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy