njrat | 1728-55-0x00000000003C0000-0x00000000003CC000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1728-55-0x...ry.exe

windows7-x64

1728-55-0x...ry.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1728-55-0x00000000003C0000-0x00000000003CC000-memory.exe

Resource

win7-20230220-en

njrat hacked evasion persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

1728-55-0x00000000003C0000-0x00000000003CC000-memory.exe

Resource

win10v2004-20230220-en

njrat hacked evasion persistence trojan

windows10-2004-x64

8 signatures

150 seconds

General

Target

1728-55-0x00000000003C0000-0x00000000003CC000-memory.dmp
Size

48KB
MD5

9948b0078db02f20a849748bfe4d1d1c
SHA1

b452876d8daef06dffe35a8767386ae575c0f0d6
SHA256

4c56ade4409add1d78eac3b202a9fbd6afbd71878c31f798026082467ace2628
SHA512

bf1ea220ad74153aaf8379dea78cf322171a23cdd44203bbbfea188a2b31d3a9b16e60541eb2aed8c61e3f76c6fc0b983317b00ca31a01a8b63d082bee42f8d6
SSDEEP

384:MoWSkWHa55BgDVRGipkItzY6vZg36Eh7FpmRvR6JZlbw8hqIusZzZvt:7Juk9pHRpcnu2

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

blog.biliianstore.com:1991

Mutex

76e66b105946ffdfd44b4673a61b0c13

Attributes

reg_key
76e66b105946ffdfd44b4673a61b0c13
splitter
|'|'|

Signatures

Njrat family
njrat

Files

1728-55-0x00000000003C0000-0x00000000003CC000-memory.dmp
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy