njrat | e98101dbf8311003f9fa76cffcef07d2[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

e98101dbf8...d2.exe

windows7-x64

e98101dbf8...d2.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

+79064314522 njrat

1 signatures

Behavioral task

behavioral1

Sample

e98101dbf8311003f9fa76cffcef07d2.exe

Resource

win7-20230220-en

njrat +79064314522 evasion persistence trojan

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

e98101dbf8311003f9fa76cffcef07d2.exe

Resource

win10v2004-20230221-en

njrat +79064314522 evasion persistence trojan

windows10-2004-x64

13 signatures

150 seconds

General

Target

e98101dbf8311003f9fa76cffcef07d2.exe
Size

37KB
MD5

e98101dbf8311003f9fa76cffcef07d2
SHA1

0ccaf1ace116f479a18e80056fd8a574380684c9
SHA256

ebf34ad603dad63b57fe29e7a462324d8540fa64d28ba8eab88b4132daa48451
SHA512

1fe481462856d935a52d127ab40d6c427c12fd0025a081b1c8fee7119fe7b0d72caa73b0abeebbc656e6c3cc41880f6e38c75d912bb8eb1c0b752fbe9e447160
SSDEEP

384:dBb8yyaik3hkdTnNiybYTOL3HScs/Y79rAF+rMRTyN/0L+EcoinblneHQM3epzXC:HYycxNxbYTOLidY5rM+rMRa8Nu+mtQ

Score

10^/10

+79064314522 njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

+79064314522

C2

7.tcp.eu.ngrok.io:11417

Mutex

7c18b46bc15fb57d910005561e5c95bb

Attributes

reg_key
7c18b46bc15fb57d910005561e5c95bb
splitter
|'|'|

Signatures

Njrat family
njrat

Files

e98101dbf8311003f9fa76cffcef07d2.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy