General
-
Target
61f3f6b2e8186bc072917f390fa663019bad82797749a3eff085eaef1aee75f2.exe
-
Size
297KB
-
MD5
b7dc88755d70e1ecae9672d6278a52bb
-
SHA1
5817f32e876d0f70961246eb8564d00f99595354
-
SHA256
61f3f6b2e8186bc072917f390fa663019bad82797749a3eff085eaef1aee75f2
-
SHA512
83ddb598e5da201eeb6e228a33da5ce9cf4f48731a8ad0703991f015e78cbb27d7156d46fa30f86e7773d5d5699b7cf4e982d404e05dece805002f055b4803ed
-
SSDEEP
6144:8Yofp+2vNzef9qHdykAYlqG2l3Bm7G+9HRoIVC:foLQ/GmxYRRVC
Malware Config
Extracted
njrat
im523
HacKed
45.141.27.207:2004
3d9ff66b04f28402875708747612b463
-
reg_key
3d9ff66b04f28402875708747612b463
-
splitter
|'|'|
Signatures
-
Njrat family
Files
-
61f3f6b2e8186bc072917f390fa663019bad82797749a3eff085eaef1aee75f2.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 261KB - Virtual size: 260KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ