Behavioral task
behavioral1
Sample
bK7E.exe
Resource
win7-20230220-en
General
-
Target
bK7E.exe
-
Size
23KB
-
MD5
888dcdd4e1306865e2ef687ae5bd4a04
-
SHA1
f2fa50dbb9727b7c28ad588098cd398d09fb507b
-
SHA256
d27949f622083d799ba2f49e3a7039be4e57094ba7fcba635d028f269522007d
-
SHA512
14fca0968894f73eb1a33e1359b7f5dbdf386aeb782ccef286f138e39cd31cd91b01622e42a8270049944c5a4aae7616a5ed91d9ca216f49e98917cee1fb42fa
-
SSDEEP
384:QoWtkEwn65rgjAsGipk55D16xgXakhbZD0mRvR6JZlbw8hqIusZzZMdJ:f7O89p2rRpcnu/J
Malware Config
Extracted
njrat
0.7d
HacKed
0.tcp.ngrok.io:17506
db4fd7d140aa221059113328d0539f84
-
reg_key
db4fd7d140aa221059113328d0539f84
-
splitter
|'|'|
Signatures
-
Njrat family
Files
-
bK7E.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ