njrat | 24c06159b8a5b1b3298cf16d7f4f1254[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

24c06159b8...54.exe

windows7-x64

24c06159b8...54.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

24c06159b8a5b1b3298cf16d7f4f1254.exe

Resource

win7-20230220-en

njrat victim evasion persistence trojan

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

24c06159b8a5b1b3298cf16d7f4f1254.exe

Resource

win10v2004-20230220-en

njrat victim evasion persistence trojan

windows10-2004-x64

16 signatures

150 seconds

General

Target

24c06159b8a5b1b3298cf16d7f4f1254.exe
Size

55KB
MD5

24c06159b8a5b1b3298cf16d7f4f1254
SHA1

7aa27dc9f231790e40cefb47d7bf3c6e3aea9761
SHA256

d626c336748b19deb10a0c66c86cdf8f70ba2e12d9b8de0652487f03c47aecae
SHA512

93f0c77115c6601acac06c2c7c5bd9fb783fffc29e3ca5bc581bc9fc36cdf72baf631a4b185601c9747ce3a8f26000107225d1e011490c211e7e4cd4dad487c5
SSDEEP

768:8Uiy1ut1MankI2Nthie/R3Q0kSNcmwFvfu0YMDHPsOL7XJSxI3pmam:8U18Dn2NthieZdDpwsNMDBXExI3pmam

Score

10^/10

victim njrat

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Victim

C2

hold-oo.at.ply.gg:25940

Mutex

dac03ed3252eed005d75e4daece12f93

Attributes

reg_key
dac03ed3252eed005d75e4daece12f93
splitter
Y262SUCZ4UJJ

Signatures

Njrat family
njrat

Files

24c06159b8a5b1b3298cf16d7f4f1254.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy