njrat | 904-56-0x0000000000520000-0x000000000052C000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

904-56-0x0...ry.exe

windows7-x64

904-56-0x0...ry.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

904-56-0x0000000000520000-0x000000000052C000-memory.exe

Resource

win7-20230220-en

njrat hacked evasion persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

904-56-0x0000000000520000-0x000000000052C000-memory.exe

Resource

win10v2004-20230220-en

njrat hacked evasion persistence trojan

windows10-2004-x64

8 signatures

150 seconds

General

Target

904-56-0x0000000000520000-0x000000000052C000-memory.dmp
Size

48KB
MD5

a228b4a6d1ef33410e50bfacbe4cb5dd
SHA1

b903dbf077f270e87992bdd8b4f80ec3efeb7da7
SHA256

6d8c6a7b451ec6bc397972ebd0da954e4c8d5e9b2d8ed2224328c2f1ba10f74b
SHA512

89181fcbcf43b46c35b25a5545e3f7016ce9c3b2bc6f915b4c517beaff496b26e2fb38516bb39ad980094e9d47eea19a030f40853ff6db7b18bda8754f2f927a
SSDEEP

384:7/MKFYuEEhERvoBG16Xuy0MHNw6Tg1Y+75JTFmRvR6JZlbw8hqIusZzZvrr:7UW4V6+yDRpcnu+P

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

pet.donalbidden.ga:1991

Mutex

b28edce9639d05bb1e75e7079531d126

Attributes

reg_key
b28edce9639d05bb1e75e7079531d126
splitter
|'|'|

Signatures

Njrat family
njrat

Files

904-56-0x0000000000520000-0x000000000052C000-memory.dmp
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy