njrat | ChatgptHelper[.]bin[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

ChatgptHelper.exe

windows7-x64

ChatgptHelper.exe

windows10-1703-x64

8

ChatgptHelper.exe

windows10-2004-x64

8

Resubmissions

05-03-2023 10:32

230305-mk95wagc54 10

26-02-2023 16:19

230226-tstleshc4z 10

26-02-2023 16:16

230226-tq2t1shc4s 10

26-02-2023 16:07

230226-tk2bashd66 10

26-02-2023 15:50

230226-taa2cshb61 10

26-02-2023 15:19

230226-sqhwgahc64 10

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ChatgptHelper.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

120 seconds

Behavioral task

behavioral2

Sample

ChatgptHelper.exe

Resource

win10-20230220-en

windows10-1703-x64

5 signatures

120 seconds

Behavioral task

behavioral3

Sample

ChatgptHelper.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

5 signatures

120 seconds

General

Target

ChatgptHelper.bin.zip
Size

16KB
MD5

08480329b811e7d893d69964f42d04e7
SHA1

a6749bd149d476ecfd0ac7453d9bfeae39579325
SHA256

21373a6d949a357dd7cab0df39490d440415d0887316430771923547f65a349c
SHA512

79180bd8711e70feae33050423092e0be2f8b39390db493a81e5361c5283a7c34a29780d097a2b56d9c3a6b4cdc513259118ad4152ee8e75b2e8aba9f62c3570
SSDEEP

384:wHIDNXyAoto5djCYNTq7OAZVTvWuK/sHpHLgD7jGMb5YAlbQ:wyNXyudm7O4Tuf8ponXZQ

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

7.tcp.eu.ngrok.io:19698

Mutex

330867499299d35c5dff831d5c393122

Attributes

reg_key
330867499299d35c5dff831d5c393122
splitter
|'|'|

Signatures

Njrat family
njrat

Files

ChatgptHelper.bin.zip
.zip

Password: infected
ChatgptHelper.bin
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy