njrat | 628581628687346F5BDF694A9B305076[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

628581628687346F5BDF694A9B305076.exe
Size

22KB
MD5

628581628687346f5bdf694a9b305076
SHA1

5ea0367acf2184ffd817bb067fb7a369a3b35bd2
SHA256

0e5b37caaaf8b4d0fe6b5db102f6566e23cacdc5d0d0ce378441c0c6a582e704
SHA512

47528cb1d64bb3cb690b89f31c03c5f13cb23e79d24257e3d4c72c30f60d07fbeccd4eb056b9d8452c643f7071256e59439231b255236e9811e206c3e04b7a37
SSDEEP

384:/Ov7R9a738QbdUVCAdLdtF5g884YCbihSj/th3MRA0uuToEGs5Is:GTRM73nzAdLdtFOIbzPU0EGst

Score

10^/10

njrat

Malware Config

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
628581628687346F5BDF694A9B305076.exe

Files

628581628687346F5BDF694A9B305076.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ