Behavioral task
behavioral1
Sample
injector.exe
Resource
win7-20230220-it
General
-
Target
injector.exe
-
Size
37KB
-
MD5
de89dbebf0e731c8094834d998f84898
-
SHA1
77ceea299a17e8aea20c22531153aabfdcd8e339
-
SHA256
796ca2cb4e32ec0bebf630bc306f322622bfa724bc8ce9b92186e2387d81b407
-
SHA512
fe03b5889c7e79e1edb5fc6f6a4844e60201add8b85163cba09ef11d0c72e6efec77eb76a6b89174597bfbc44abd67da9966110af11e20f022114387a97b2e3c
-
SSDEEP
384:IwNTgiG1C9ZfursvO6yszypBE3XGTUsIDYrAF+rMRTyN/0L+EcoinblneHQM3epG:vNZ5WpszypBEmwsIMrM+rMRa8Nu8Nt
Malware Config
Extracted
njrat
im523
HacKed
imloveratnik.ddns.net:3019
5dd8b4acc41fae1bfb69a6c1ca3f6352
-
reg_key
5dd8b4acc41fae1bfb69a6c1ca3f6352
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource injector.exe
Files
-
injector.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ