njrat | 0x0009000000012314-63[.]dat | Triage

Submit
Reports

Overview

overview

Static

static

0x00090000...63.exe

windows7-x64

0x00090000...63.exe

windows10-2004-x64

Sharing

Static task

static1

exploited++njrat

1 signatures

Behavioral task

behavioral1

Sample

0x0009000000012314-63.exe

Resource

win7-20221111-en

njrat exploited++trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

0x0009000000012314-63.exe

Resource

win10v2004-20220901-en

njrat exploited++trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

0x0009000000012314-63.dat
Size

78KB
MD5

2c3dfd707a71a723aada2ab5cb4485d6
SHA1

41357a94ad63b2f6bbe4f4f0a069d6f22a125369
SHA256

1ba26b7fefc227463accb9d479889d17439b7de392d09722d271641acf24b23f
SHA512

fe6e219e3efb0c8e0ee3a77d5dc198a43df605e9859bf5a1b41dbd8cfae929d9c684025676b80c8f5438e3e4de1d1b9a0a78bf5c5fd2005763e8d254425dcb19
SSDEEP

1536:If+qHADbDpKS5wpOk3JCK6pFo2/e6fOpd/9nEh9TGnJUR:WQwpOk5CK6pO/9ESnJU

Score

10^/10

exploited++njrat

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Exploited++

C2

salesxpert.duckdns.org:2889

Mutex

windows.exe

Attributes

reg_key
windows.exe
splitter
mnbvcxz12

Signatures

Njrat family
njrat

Files

0x0009000000012314-63.dat
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy