Overview

overview

10

Static

static

10

njrat joke...pt.vbs

windows7-x64

10

njrat joke...pt.vbs

windows10-2004-x64

10

njrat joke...��.exe

windows7-x64

7

njrat joke...��.exe

windows10-2004-x64

7

njrat joke...gA.exe

windows7-x64

7

njrat joke...gA.exe

windows10-2004-x64

7

njrat joke...is.exe

windows7-x64

7

njrat joke...is.exe

windows10-2004-x64

7

njrat joke...lf.exe

windows7-x64

1

njrat joke...lf.exe

windows10-2004-x64

1

njrat joke...uk.exe

windows7-x64

7

njrat joke...uk.exe

windows10-2004-x64

7

njrat joke...py.exe

windows7-x64

1

njrat joke...py.exe

windows10-2004-x64

1

njrat joke...MD.exe

windows7-x64

7

njrat joke...MD.exe

windows10-2004-x64

7

njrat joke...od.hta

windows7-x64

1

njrat joke...od.hta

windows10-2004-x64

1

njrat joke...rp.exe

windows7-x64

1

njrat joke...rp.exe

windows10-2004-x64

1

njrat joke...rs.exe

windows7-x64

1

njrat joke...rs.exe

windows10-2004-x64

1

njrat joke...ns.exe

windows7-x64

1

njrat joke...ns.exe

windows10-2004-x64

1

njrat joke...or.exe

windows7-x64

1

njrat joke...or.exe

windows10-2004-x64

1

njrat joke...ot.hta

windows7-x64

10

njrat joke...ot.hta

windows10-2004-x64

10

njrat joke...el.exe

windows7-x64

1

njrat joke...el.exe

windows10-2004-x64

1

njrat joke...l].exe

windows7-x64

1

njrat joke...l].exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    88bfce478bd7fb2b2066585d04aeee40.bin

  • Size

    120.0MB

  • MD5

    88bfce478bd7fb2b2066585d04aeee40

  • SHA1

    4a882ddef76527b572e506b177a68d3fc253b401

  • SHA256

    a1e5bd8aa2ea043f939d95c52776cd5411abc1265d5d153917581fc80d97c7b1

  • SHA512

    f662aeeb4f88d5e6ea268f054e64ce76d91304a6d82ae66ccc9deb734e0932ccce854b57ed05609335ab43dbdb33a3156249713f077330984a587bfc77bfef7b

  • SSDEEP

    3145728:M8T+K3T5EgOldGs2ZuS6Bp2e9AcFl5hOM24kzIE1uRhp0:Ms+MEgOK6TBpHFlTOJcQwhK

Score
10/10
upxmodiloaderneshta

Malware Config

Signatures

  • Contains code to disable Windows Defender 1 IoCs

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

  • Detect Neshta payload 1 IoCs
  • ModiLoader Second Stage 1 IoCs
  • Modiloader family
    modiloader
  • Neshta family
    neshta
  • UPX packed file 12 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • AutoIT Executable 2 IoCs

    AutoIT scripts compiled to PE executables.

  • Unsigned PE 68 IoCs

    Checks for missing Authenticode signature.

Files

  • 88bfce478bd7fb2b2066585d04aeee40.bin
    .zip

    Password: infected

  • njrat jokes/Bypass-Windows-Defender-VBS-master/script.vbs
    .vbs
  • njrat jokes/Pack by Denyx/9.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/AgA.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    5877688b4859ffd051f6be3b8e0cd533


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx/Gadenis.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/Gendalf.exe
    .exe windows:4 windows x64 arch:x64

    Password: infected


    Headers

    Sections

  • njrat jokes/Pack by Denyx/Gondon-Zvuk.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/Govno_iz_shopy.exe
    .exe windows:4 windows x64 arch:x64

    Password: infected


    Headers

    Sections

  • njrat jokes/Pack by Denyx/G/BOMBER-CMD.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/G/bsod.hta
    .html
  • njrat jokes/Pack by Denyx/G/burp.exe
    .exe windows:1 windows x86 arch:x86

    Password: infected


    Headers

    Sections

  • njrat jokes/Pack by Denyx/G/crazyinvers.exe
    .exe windows:4 windows x86 arch:x86

    8fe4fa5737a5fea5344237a48e3cbdb3


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx/G/erroricons.exe
    .exe windows:4 windows x86 arch:x86

    cec3e5d2bced7e13326b2e9adbcf6786


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx/G/erroriconscursor.exe
    .exe windows:4 windows x86 arch:x86

    ad5cc70b96921276e48520b0bcf04cfa


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx/G/hotspot.hta
    .hta .vbs polyglot
  • njrat jokes/Pack by Denyx/G/toonel.exe
    .exe windows:4 windows x86 arch:x86

    e0b5014461614f948d3c43018be8b95d


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx/MeatSpin [Full].exe
    .exe windows:4 windows x64 arch:x64


    Headers

    Sections

  • njrat jokes/Pack by Denyx/MeatSpin [Mini].exe
    .exe windows:4 windows x86 arch:x86

    5877688b4859ffd051f6be3b8e0cd533


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx/MeatSpin-Boost.exe
    .exe windows:4 windows x64 arch:x64


    Headers

    Sections

  • njrat jokes/Pack by Denyx/Messedj'i/Defender_Settings.vbs
    .vbs
  • njrat jokes/Pack by Denyx/Messedj'i/Hydra.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx/Messedj'i/TaskMgr [OFF].reg
  • njrat jokes/Pack by Denyx/Messedj'i/TaskMgr [ON].reg
  • njrat jokes/Pack by Denyx/Messedj'i/idi_naxyi_xyesos_ebaniy.VBS
  • njrat jokes/Pack by Denyx/Messedj'i/messages2.vbs
  • njrat jokes/Pack by Denyx/Messedj'i/myBSOD.exe
    .exe windows:6 windows x86 arch:x86

    f9396e23aa3a575aa9b20e900255ddb0


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx/Messedj'i/navalny.VBS
  • njrat jokes/Pack by Denyx/Navalny-WP.exe
    .exe .vbs windows:4 windows x86 arch:x86 polyglot


    Headers

    Sections

  • njrat jokes/Pack by Denyx/PizDec.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/Podchinenie.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/Port.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/Seronxelia.exe
    .exe windows:4 windows x64 arch:x64


    Headers

    Sections

  • njrat jokes/Pack by Denyx/Shkolnik-Goliy.exe
    .exe windows:4 windows x64 arch:x64


    Headers

    Sections

  • njrat jokes/Pack by Denyx/TyTyTy.exe
    .exe windows:5 windows x86 arch:x86

    12e12319f1029ec4f8fcbed7e82df162


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx/Ty_kto_takoi.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/Vibory.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx/ViklychitePC1.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/ViklychitePC2 VKL PC Uyrik.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/WinLocker.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/WinLocker/navalny pass - 2000.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/Winlocker Builder/WinLocker_Builder_0.4.exe
    .exe windows:4 windows x86 arch:x86

    d5d9d937853db8b666bd4b525813d7bd


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx/Winlocker Builder/builder #6.exe
    .exe windows:4 windows x86 arch:x86

    d5d9d937853db8b666bd4b525813d7bd


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx/Ykraine.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/Zametily-Wp.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx/Zopa.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/hitler.exe
    .exe windows:4 windows x64 arch:x64


    Headers

    Sections

  • njrat jokes/Pack by Denyx/hui.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • njrat jokes/Pack by Denyx/ -  (back).exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Denyx//boynextdoor.jpg
    .jpg
  • njrat jokes/Pack by Denyx//gays.jpg
    .jpg
  • njrat jokes/Pack by Denyx//navalny.jpg
    .jpg
  • njrat jokes/Pack by Denyx// ⨫.png
    .png
  • njrat jokes/Pack by Jumper/SOCIAL CREDIT TEST (virus)/README!!!.txt
  • njrat jokes/Pack by Jumper/SOCIAL CREDIT TEST (virus)/SOCIAL CREDIT TEST.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Jumper/ ஢騪/Ention FULL/Ention FULL.exe
    .exe windows:1 windows x86 arch:x86

    140094f13383e9ae168c4b35b6af3356


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Jumper/ ஢騪/Ention/Locker.exe
    .exe windows:5 windows x86 arch:x86

    04b4eec1b14791bf23f31173f27a5df0


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Jumper/ ஢騪/Ention/Unlocker.exe
    .exe windows:5 windows x86 arch:x86

    04b4eec1b14791bf23f31173f27a5df0


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Jumper/⡥.exe
    .exe windows:5 windows x86 arch:x86

    12e12319f1029ec4f8fcbed7e82df162


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Jumper/窮  ᬥ.exe
    .exe windows:4 windows x86 arch:x86

    5877688b4859ffd051f6be3b8e0cd533


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Jumper/ப.exe
    .exe windows:5 windows x86 arch:x86

    12e12319f1029ec4f8fcbed7e82df162


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Jumper/᪨ .exe
    .exe windows:5 windows x86 arch:x86

    12e12319f1029ec4f8fcbed7e82df162


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Jumper/⮭.exe
    .exe windows:5 windows x86 arch:x86

    12e12319f1029ec4f8fcbed7e82df162


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Jumper/஭奫.exe
    .exe windows:4 windows x86 arch:x86

    5877688b4859ffd051f6be3b8e0cd533


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Jumper/.exe
    .exe windows:5 windows x86 arch:x86

    12e12319f1029ec4f8fcbed7e82df162


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Jumper/뫮窠   .exe
    .exe windows:4 windows x86 arch:x86

    5877688b4859ffd051f6be3b8e0cd533


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Jumper/ᨪ.exe
    .exe windows:5 windows x86 arch:x86

    12e12319f1029ec4f8fcbed7e82df162


    Headers

    Imports

    Sections

  • njrat jokes/Pack by Jumper/ 㤠ᠩ.exe
    .exe windows:5 windows x86 arch:x86

    12e12319f1029ec4f8fcbed7e82df162


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/AUGHHHH_by_LuckyKazya.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/AyAyAyImFuckingButerfly_by_LuckyKazya.exe
    .exe windows:5 windows x86 arch:x86

    00be6e6c4f9e287672c8301b72bdabf3


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/Dirochka_by_LuckyKazya.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/Harka_by_LuckyKazya.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/Konstruktor_by_LuckyKazya.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/MEGA_UKUPNIK_MINUS_USHI_by_LuckyKazya.exe
    .exe windows:5 windows x86 arch:x86

    00be6e6c4f9e287672c8301b72bdabf3


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/Meatspin_v6_FULL_by_LuckyKazya.exe
    .exe windows:4 windows x64 arch:x64


    Headers

    Sections

  • njrat jokes/Pack by LuckyKazya/Meatspin_v6_MIN_by_LuckyKazya.exe
    .exe windows:4 windows x64 arch:x64


    Headers

    Sections

  • njrat jokes/Pack by LuckyKazya/Podchinenie_by_LuckyKazya.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/Police_by_LuckyKazya.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/Screamer_by_LuckyKazya.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/Shkolnik_by_LuckyKazya.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/UKUPNIK_by_LuckyKazya.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/ZaStaroeVzyalsa_by_LuckyKazya.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/gondon_by_LuckyKazya.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/rukablud_by_LuckyKazya.exe
    .exe windows:5 windows x86 arch:x86

    fcf1390e9ce472c7270447fc5c61a0c1


    Headers

    Imports

    Sections

  • njrat jokes/Pack by LuckyKazya/vaszametili_by_LuckyKazya.jpg
    .jpg
  • njrat jokes/ᨪ/video_2022-06-30_15-48-03.mp4
  • njrat jokes/ᨪ/ 짮 ਧࢠ⨢.mp4
  • njrat jokes/ᨪ/ .mp4