njrat | new‮xcod[.]scr | Triage

Submit
Reports

Overview

overview

Static

static

new‮xcod.scr

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

new‮xcod.scr

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

new‮xcod.scr
Size

154KB
MD5

d7b98849017edbe1a96da0f29523535f
SHA1

ddeb0f76ecf9c9b0574ce6fa1cd127970928c947
SHA256

990311b73949f7e93e72b59ff5c9549d42a57747cd19673f959d0435e7d1cb04
SHA512

d32a815cd9928217ec47007bc3038f427b3ed01493ebc24cf6cde39a4a8e863bf5137380186101744ad3272244a86d9201a65c5b5bb43ec6bd43992f15380a52
SSDEEP

768:D6a6lOt1Man8E2N6FikUt34okSNrmwFvfu0YMDHPs3L7XJSxI3pmhmNq0vTW:D61cDnCN6FikSJDCwsNMDSXExI3pmhm

Score

10^/10

victim njrat

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Victim

C2

oxy01.duckdns.org:6522

Mutex

8c47e740704afa553c0acf7809e56295

Attributes

reg_key
8c47e740704afa553c0acf7809e56295
splitter
Y262SUCZ4UJJ

Signatures

Njrat family
njrat

Files

new‮xcod.scr
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy