njrat | 2032-55-0x0000000000260000-0x000000000026C000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

2032-55-0x...ry.exe

windows7-x64

2032-55-0x...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2032-55-0x0000000000260000-0x000000000026C000-memory.exe

Resource

win7-20230220-en

njrat hacked evasion persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

2032-55-0x0000000000260000-0x000000000026C000-memory.exe

Resource

win10v2004-20230220-en

njrat hacked evasion persistence trojan

windows10-2004-x64

8 signatures

150 seconds

General

Target

2032-55-0x0000000000260000-0x000000000026C000-memory.dmp
Size

48KB
MD5

d67480c749821ee4646734a5b8d4c26e
SHA1

c3591d03bc33840de782c210b394411d9a2b490c
SHA256

9a532b5d8692a7abda33ed6542a8d57003c398b1526a1443a1031c9b102aa9b6
SHA512

0654787802ca8b1c2cd219eda41b245adb5ecbc5e627f8626fb602a6adb1f4d6146583f48f1e3d2bc04409563d97c851d65cff14fab2e74b3abbe2b99e2bd558
SSDEEP

384:829qHfDJBecNTlK9ShQh9XEAys7dG3ELZoyzMdOJ/xJvz2jmzUM9l/Us03Ms:Tq//TA9SUr19o8JDvUgjs

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

ebay.thedreamsop.com:2020

Mutex

Windows Explorer

Attributes

reg_key
Windows Explorer
splitter
|'|'|

Signatures

Njrat family
njrat

Files

2032-55-0x0000000000260000-0x000000000026C000-memory.dmp
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy