njrat | 16102023_2159_15102023_Purchase Order-Project Drawing[.]_fdP[.]Rev

General

Target

16102023_2159_15102023_Purchase Order-Project Drawing._fdP.Rev
Size

12KB
MD5

3356eb40aa3fd6e31be849bc2db80d1d
SHA1

e5e07ca53143cf3442cd8161e70b59f26b2b0cfd
SHA256

ba645e2daf54a198b1adfd8b26af6353d702b1bfec46ce2d834dbbf6534582c1
SHA512

967c6a12c5a16166ec5068a6a4c77be67fe8610e4d0fd1a2ad1f70b22fce767bf8402ac332eeb6cb6d1f9a16ec2055cae3fbbd13d0ad425c9e100645ba1459ae
SSDEEP

384:L01kW4EFm5UIESUMLiPz6CekQSgdYiw7kTDEp:0kn5aSUMCySgdLk

Score

10^/10

hacked njrat

Family

njrat

Version

v4.0

Botnet

HacKed

C2

103.212.81.159:4001

Mutex

Windows

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Purchase Order-Project Drawing.exe

16102023_2159_15102023_Purchase Order-Project Drawing._fdP.Rev
.rar

Password: 12345
Files Password 12345.txt
Purchase Order-Project Drawing.‮fdP.7z
.rar

Password: 12345
Purchase Order-Project Drawing.exe
.exe windows:4 windows x86

Password: 12345

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ