njrat | Server[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

Server.exe

windows7-x64

8

Server.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Server.exe

Resource

win7-20221111-en

evasion persistence

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

Server.exe

Resource

win10v2004-20221111-en

evasion persistence

windows10-2004-x64

6 signatures

150 seconds

General

Target

Server.exe
Size

37KB
MD5

ffacccd34fe6b956cc4c2675b683ebf4
SHA1

edc28d7b4638e311f5f271c9563d1a54b327d08a
SHA256

bf81dbd204ff172b316a8fedf108ed7e5f3da285c4ebb569a75a9de734284a87
SHA512

7996f892cec9091638315325bd2d2a4d7f3618691568f46fda38366c4a8c83ebbf09e03b6e77925064618c0b2aa953bd97a5b08f2800af4540e8ad37e302e17d
SSDEEP

384:OiVvEiTbTvpWNcZ0y8fvCv3v3cLkacparAF+rMRTyN/0L+EcoinblneHQM3epzXM:LV7TZ38fvCv3E1cQrM+rMRa8Nusrt

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

4.tcp.eu.ngrok.io:13536

Mutex

e5836c30acd1dfe5c4fe7dd77da7989f

Attributes

reg_key
e5836c30acd1dfe5c4fe7dd77da7989f
splitter
|'|'|

Signatures

Njrat family
njrat

Files

Server.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy