njrat | xDamgerV3[.]zip

General

Target

xDamgerV3.zip
Size

38KB
MD5

ff85dc949935af4bee61032fe4854e83
SHA1

5b22f62844bc47a9882725ced5c505adaf086dc3
SHA256

2c79746a89e687d737f7da4d9e97b9b25af834dadd1058fef2c5317153b69c89
SHA512

559af85bd3f0a0de8b2de90ddd359a9455fba87ce853a591d2d311d330ab43eac9f6cec4da5bab3d56adefff3213a6af0de3b10707dcdc1faa13c489b1feb1c1
SSDEEP

384:nUlLplYHHeIYTzRRcbg8iEPrthZMVAQk93vmhm7UMKmIEecKdbXTzm9bVhca56Ba:UlfZxRm8VA/vMHTi9bDlS2vMMf

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

v2.0

Botnet

HacKed

C2

paul-positive.at.ply.gg:9693

Mutex

Windows

Attributes

reg_key
Windows
splitter
|-F-|

Signatures

Njrat family
njrat

Files

xDamgerV3.zip
.zip
xDamgerV3/IconExtractor.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xDamgerV3/readme.txt
xDamgerV3/xDamgerV3.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 8KB - Virtual size: 7KB

.rsrc Size: 1024B - Virtual size: 940B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 25KB - Virtual size: 24KB

.rsrc Size: 1024B - Virtual size: 576B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1024B - Virtual size: 940B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 1024B - Virtual size: 576B

.reloc
Size: 512B - Virtual size: 12B