njrat | 53e21aac7bf47d81342291d954d7a9cf51b446989b769cb6df3b187f8811f177[.]zip

General

Target

53e21aac7bf47d81342291d954d7a9cf51b446989b769cb6df3b187f8811f177.zip
Size

36KB
MD5

b145fa71740f4cfe4f9119d49983706a
SHA1

bddea8d13f6247641cd66c3c271e254a974bbbd3
SHA256

8311cf61d262b5e3a7eaf7de9764ee08c14176376d82dda8f872f94e0a5986d9
SHA512

8bdd1e67ad078085b366d8dc6fc1a178fa10df9f3d283def05008ddd877397c41ee778987d47a1408376c4c46941a79f4be0e719a73e85eb100a4cf83edfa61a
SSDEEP

768:MrUqpFVAJcuwKkl2FCDkgkPJPI/3sZ3g/NAynuMiGgf/0ZIjRVYHcdiDwF+:rqrVehFUkDFyAcR40ZkAcdiwF+

Score

10^/10

hacked njrat

Family

njrat

Version

0.7d

Botnet

HacKed

C2

hakim32.ddns.net:2000

ndf236fgh4367h.ddns.net:9065

Mutex

f263f12e32521cfd71634d689421c6e9

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/53e21aac7bf47d81342291d954d7a9cf51b446989b769cb6df3b187f8811f177

53e21aac7bf47d81342291d954d7a9cf51b446989b769cb6df3b187f8811f177.zip
.zip

Password: infected
53e21aac7bf47d81342291d954d7a9cf51b446989b769cb6df3b187f8811f177
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ