njrat | Server[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

Server.exe

windows10-1703-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Server.exe

Resource

win10-20220812-en

njrat hacked evasion trojan

windows10-1703-x64

14 signatures

150 seconds

General

Target

Server.exe
Size

37KB
MD5

77a061d54196511fb985ad08f61b4681
SHA1

e783b16bf42144aac4acf441fce87415e0dca275
SHA256

02175550330b76de111ae886a542242298c5b50b26f5d49a520fbe1481e52aab
SHA512

0292ebd71c561c6ad5ed841ba63e85b4606fd8c612eeb6d925a4e66933da19b3241569c3ce21b6451cf7eced02b0dea8e6893b2511ed041fdaf141052d9c3086
SSDEEP

384:calayyaik9hkdTnNiybYT81PRsc4jWj7rAF+rMRTyN/0L+EcoinblneHQM3epzX6:NgyCxNxbYT81y1WHrM+rMRa8Nu4Bt

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

considered-arrest.at.ply.gg:19159

Mutex

8b1b4ed3028d60637b47ebe2ea5ce8d7

Attributes

reg_key
8b1b4ed3028d60637b47ebe2ea5ce8d7
splitter
|'|'|

Signatures

Njrat family
njrat

Files

Server.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy