njrat | 0d4ad31daf8c712253b2417f29ddebf2[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

0d4ad31daf...f2.exe

windows7-x64

8

0d4ad31daf...f2.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0d4ad31daf8c712253b2417f29ddebf2.exe

Resource

win7-20220812-en

evasion persistence

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

0d4ad31daf8c712253b2417f29ddebf2.exe

Resource

win10v2004-20220812-en

evasion persistence

windows10-2004-x64

8 signatures

150 seconds

General

Target

0d4ad31daf8c712253b2417f29ddebf2.exe
Size

37KB
MD5

0d4ad31daf8c712253b2417f29ddebf2
SHA1

b779c7e72c75166657936b8303d738bcf6b3b1c8
SHA256

563a7e38d7e0f004e610a032bb5400982765ae484096ff61d3a80e47a86f7bbd
SHA512

e396c6e4e0db3c010167ba1faf50f27bde19e4de0c56dfa368b20504a4bdc86d60736bf78c99af8cd16b8fe145445d7b9685c33f56536a1ab91651c23db62a59
SSDEEP

384:UnuPT8PgibBjpPu7w9qyMTO1P5IsW+LJbrAF+rMRTyN/0L+EcoinblneHQM3epzC:VQNN9ZMTO1GV+prM+rMRa8Nu6Xt

Score

10^/10

blaze njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

Blaze

C2

0.tcp.eu.ngrok.io:11800

Mutex

6526edded60152d341db1d49406ef599

Attributes

reg_key
6526edded60152d341db1d49406ef599
splitter
|'|'|

Signatures

Njrat family
njrat

Files

0d4ad31daf8c712253b2417f29ddebf2.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy