njrat | xs6Wrp6hsMa5[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

xs6Wrp6hsMa5.exe

windows7-x64

xs6Wrp6hsMa5.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

xs6Wrp6hsMa5.exe

Resource

win7-20220812-en

njrat nyan cat trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

xs6Wrp6hsMa5.exe

Resource

win10v2004-20221111-en

njrat nyan cat trojan

windows10-2004-x64

6 signatures

150 seconds

General

Target

xs6Wrp6hsMa5.exe
Size

32KB
MD5

9bb347432d6e8b9547423d3669480fea
SHA1

7fce085a31c86c3fadd50c4112de8a29ce6f56d3
SHA256

15d5605f08420bd6b2ed02d9e08885e442c3f3e0bd4423b2ca7450f593799963
SHA512

ba9bffb9b02941e464df8f4516067f18de769e56d1cfcce16e7c067b7bc07567a7e18ab3e22ebe5c3b662eeafbd71d2e9a01a17f2d6bb373a8a4b75842e88384
SSDEEP

384:I0bUe5XB4e0XmOntlXCpF7r/HWTztTUFQqzFfObbT:9T9Bu1tlQQ1bT

Score

10^/10

nyan cat njrat

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

nuevosecua.duckdns.org:2054

Mutex

6adca2f50d464

Attributes

reg_key
6adca2f50d464
splitter
@!#&^%$

Signatures

Njrat family
njrat

Files

xs6Wrp6hsMa5.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy