njrat | Payload[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

Payload.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Payload.dll

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

Payload.exe
Size

79KB
MD5

d61bd06e26b181ebe129f742cc186837
SHA1

b001e436a1713915084c389a706d89ae07dbdd8e
SHA256

eddaf930f0e69059721f8796a9998ceec6e0521cc42d691f9bc5e5d1acb7a0e2
SHA512

8758a9a8d0751857cd66bfefb510b3d06e7beb21ca11fd45c7b49d534af099a5883d8a4821c9aff7b1c769b16e788e606a4d789945606142f3cfe828a7c913ae
SSDEEP

1536:lvUDncDN5L+XE/RU9pywmYcc9+ko5tXExI3pmDO2Tz:FUDnUL+XE/2h6bXExI3pm

Score

10^/10

victim njrat

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Victim

C2

oxy01.duckdns.org:6522

Mutex

8c47e740704afa553c0acf7809e56295

Attributes

reg_key
8c47e740704afa553c0acf7809e56295
splitter
Y262SUCZ4UJJ

Signatures

Njrat family
njrat

Files

Payload.exe
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 575B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy