njrat | TEST AGAIN[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

TEST AGAIN.exe

windows7-x64

3

TEST AGAIN.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

l indian scammer ezezezez njrat

1 signatures

Behavioral task

behavioral1

Sample

TEST AGAIN.exe

Resource

win7-20230220-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

TEST AGAIN.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

TEST AGAIN.exe
Size

37KB
MD5

3e9302406621cc6437e80ab27435912c
SHA1

e0cf66f85faa521c2c156b8f2c33cdb0f3fe32cf
SHA256

c39cf9e770d56dde272b287d62f9b0c26d2dc2011959f955fa474e36f9701b4d
SHA512

bc8e26fb63642265d304dd3f7c4cd04e040bd68d3d88de6bfa37a56a185839be19a80c697bc0608dde34dd8ea9e6d4985b9ea52e1820dcf5ae2a35f595ba9ffb
SSDEEP

384:CLI2+yik52zIuMXY1uyZD7xq8knJMsu2DXrAF+rMRTyN/0L+EcoinblneHQM3ep3:5EY1lN7E8kmt27rM+rMRa8Nufbt

Score

10^/10

l indian scammer ezezezez njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

L indian scammer ezezezez

C2

chapter-julia.at.ply.gg:17779

Mutex

05c7991f41f0713de8f0f8ccbcce7e85

Attributes

reg_key
05c7991f41f0713de8f0f8ccbcce7e85
splitter
|'|'|

Signatures

Njrat family
njrat

Files

TEST AGAIN.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy