Behavioral task
behavioral1
Sample
4ac97876e13ba932cc9f7c00173fd958.exe
Resource
win7-20230220-en
General
-
Target
4ac97876e13ba932cc9f7c00173fd958.exe
-
Size
37KB
-
MD5
4ac97876e13ba932cc9f7c00173fd958
-
SHA1
1c84938b4cf33bb6f4fd2cd5bf4734fda614bb6c
-
SHA256
1c6935c5622b81350dffeed2f9fcd6c43645f73bb88d697d927495f45d02411b
-
SHA512
4ec6852d9883f9ef932755a39fba1877e410e458a534718c42e6558ff38420b779e807bd408ae41396b60cacc983290fb75e5a7f8897728efff26624f2c844c5
-
SSDEEP
384:LmOs0IiejvCVLO309QmykrtG+dA+VCwvOSifrAF+rMRTyN/0L+EcoinblneHQM32:RFdGdkrgYUwWS0rM+rMRa8NuL3t
Malware Config
Extracted
njrat
im523
HacKed
5.tcp.eu.ngrok.io:12006
f608a4eae87cfbfea6badcabc7c41ecd
-
reg_key
f608a4eae87cfbfea6badcabc7c41ecd
-
splitter
|'|'|
Signatures
-
Njrat family
Files
-
4ac97876e13ba932cc9f7c00173fd958.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ