njrat | 0A513F65BF5684873D3FC95EAA0DDD20A78887F05683F[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

0A513F65BF...3F.exe

windows7-x64

0A513F65BF...3F.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0A513F65BF5684873D3FC95EAA0DDD20A78887F05683F.exe

Resource

win7-20221111-en

njrat optifine evasion persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

0A513F65BF5684873D3FC95EAA0DDD20A78887F05683F.exe

Resource

win10v2004-20221111-en

njrat optifine evasion persistence trojan

windows10-2004-x64

8 signatures

150 seconds

General

Target

0A513F65BF5684873D3FC95EAA0DDD20A78887F05683F.exe
Size

23KB
MD5

f59893b9ab5aae7d213c3f7b7845c9a6
SHA1

d30cd5bdca11a1f3290939d15f88d01ebd2aea3f
SHA256

0a513f65bf5684873d3fc95eaa0ddd20a78887f05683f64aa1926557c2f51759
SHA512

49d6e0f84ac2396993b512164be9a2e1b1db086efe65a112a30fdce0b8c592fceb1739682b010557a319446655530710db5bd308dca2b7fdc0bdfc7ccfff1854
SSDEEP

384:f/MKFYuEEhERvoBG16Xuy0MHNw6Tg1Y+75JTFmRvR6JZlbw8hqIusZzZz6:fUW4V6+yDRpcnuh

Score

10^/10

optifine njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Optifine

C2

0.tcp.eu.ngrok.io:16987

Mutex

7bfd53931aed0307e09d200e8d093ffb

Attributes

reg_key
7bfd53931aed0307e09d200e8d093ffb
splitter
|'|'|

Signatures

Njrat family
njrat

Files

0A513F65BF5684873D3FC95EAA0DDD20A78887F05683F.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy