njrat | Server[.]exe

Resubmissions

31/05/2023, 06:10

230531-gxelvadf4w 10

31/05/2023, 06:06

230531-gt7s8adb92 10

Sharing

Copy URL Twitter E-mail

General

Target

Server.exe
Size

93KB
MD5

c24e2444c22c1c92631e078a1ae4df66
SHA1

22cb31b01af42189c1666a9b607b29a13afa2eba
SHA256

cd208fd09ba669f86baa738c4b2efb870b357fec869c0496909e04b979041ea5
SHA512

1eba2056b504548cf736455afd47ee636d0a46ab3f5f15ab58e19b89c567c82d4fdd73f33492014866087805c1547f274842b444951c5a868a019ec0c8b72c69
SSDEEP

768:lY37KhnWXxyFcxovUKUJuROprXtwN8eYhYbmXxrjEtCdnl2pi1Rz4Rk3rTsGdpc3:IKVWhIUKcuOJnPhBjEwzGi1dDrDcgS

Score

10^/10

thunder njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

THUNDER

FRANSESCOTI3LjAuFRANSESCOC4x:MTk4Nw==

Mutex

a9e12eef6485dd103b324be4d873e428

Attributes

reg_key
a9e12eef6485dd103b324be4d873e428
splitter
|'|'|

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Server.exe

Files

Server.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 92KB - Virtual size: 91KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 92KB - Virtual size: 91KB

.reloc
Size: 512B - Virtual size: 12B