njrat | Fix Danger tool[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Fix Danger tool.exe
Size

60.7MB
MD5

78603348eb5251879be71b5875500066
SHA1

be7a66f8d84b5eae535cd45b8a86f024e245b84a
SHA256

796fbc1a5d37ebcb2e8a9591d77750e7164e4e086044377463386d03e62b837d
SHA512

5353e169d7cc673d3b2816480cd70cf0744467a13e8059639965424e265783357db7b6a90cad1d38054497cdb11eccc70c123b8692573c22b7d092409ca34eb3
SSDEEP

1572864:3y45SSDpXGMK4XRg/bfCMj+AetfgSK7aSCU/+PwXyp1:3y49gYRczqgSK7aSC++PwX21

Score

10^/10

pyinstaller njrat

Malware Config

Signatures

Njrat family
njrat

Detects Pyinstaller 1 IoCs

resource	yara_rule
sample	pyinstaller

Files

Fix Danger tool.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ