njrat | Autoruns[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

Autoruns.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Autoruns.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

6 signatures

300 seconds

General

Target

Autoruns.exe
Size

2.4MB
MD5

66ba03cf861ef7c02f1ad94680082acc
SHA1

6ed0ac4dca96c3e26e1a98ed7a35a3bee0a49e0c
SHA256

11e8cc7273ec7ae1af6a6b825e201ffe9fed0c53ee040f1089ab621bd69bee28
SHA512

aad362d45eef9039d27f7c2e9328549e2418650f0aa39397aeb6e00be4baf93f2160b7e6065ecdc77afaf3f18e14f606565634164dc92f213d1ad645a78e3f5e
SSDEEP

49152:JRjLCJSLYIujU519eCvepXi/Wsqo69n1lme8CeD3p:jjLCJSLYdjkrWsqo691lmJ

Score

10^/10

victim njrat

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Victim

C2

oxy01.duckdns.org:6522

Mutex

8c47e740704afa553c0acf7809e56295

Attributes

reg_key
8c47e740704afa553c0acf7809e56295
splitter
Y262SUCZ4UJJ

Signatures

Njrat family
njrat

Files

Autoruns.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy