njrat | b72f3fc55ae3de481cad90bba27dcb15[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b72f3fc55ae3de481cad90bba27dcb15.bin
Size

113KB
MD5

e9c9d918d5fb94dbf1988e07509a4618
SHA1

2dbeb1cb3afa191c756e46a8810fd8c1f21dc26c
SHA256

2ca489a590cb7c4124dd4ef8f0f13a629cc1103dbeb37011a80613e720138ab6
SHA512

cbadfa8e62d2a9d19bcf0ce8a8f6e6bdc2da4817de28cab27ccd456016349ff54bd793acc0a3097f6ba2d9f6cfd5918220fd9be266a8dfa07d763d2ff06501b0
SSDEEP

1536:vu8KekSwo13JlDeP99mRmuHXeJ3wdUwmoNx0De4QeVii3Y22NimVVZuCHcnozosN:2WXJrQu3OwvmoNx6LVi/3BrJosuLel

Score

10^/10

njrat

Malware Config

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ba93ee7bb38e10c6b38fb3c37798ad618e20b4f3d5125bd8d5de77f23afc3dcd.exe

Files

b72f3fc55ae3de481cad90bba27dcb15.bin
.zip

Password: infected
ba93ee7bb38e10c6b38fb3c37798ad618e20b4f3d5125bd8d5de77f23afc3dcd.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ