njrat | Server[.]exe

Resubmissions

25/11/2023, 19:35

231125-ya6v9acd35 10

25/11/2023, 19:29

231125-x7d13acc88 10

Sharing

Copy URL Twitter E-mail

General

Target

Server.exe
Size

93KB
MD5

acd8c3c56cb5e947db50fc2bf9f6c41b
SHA1

8bcbb81ff710e4d7325d10cb6464e5bf10044bc7
SHA256

4b0ebe02849c45e26b59d28b06b02aeca47c15a379b8d0767f64fd199402d5a2
SHA512

14f74c66464bd8f2b6b8a9e7e6717c8d33c603a507d471086b77cd1a74280b3191cb5c259a2982b76b3ecc8373e4e3cb87fe0e182155bef01a0b6972e8ebc466
SSDEEP

768:YY3MUgSgmnldjcRoMwrx7Y+DIkIITJbXX0pOt8ux82WXxrjEtCdnl2pi1Rz4Rk3c:sUumlbrq+1NTZ0OojEwzGi1dDBDUgS

Score

10^/10

vaul njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

vaul

hakim32.ddns.net:2000

217.12.207.3:5555

Mutex

8ad24d6a81281f929a481d1cc3a373b1

Attributes

reg_key
8ad24d6a81281f929a481d1cc3a373b1
splitter
|'|'|

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Server.exe

Files

Server.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 92KB - Virtual size: 91KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 92KB - Virtual size: 91KB

.reloc
Size: 512B - Virtual size: 12B