Behavioral task
behavioral1
Sample
mjed.exe
Resource
win10-20240221-en
General
-
Target
mjed.exe
-
Size
27KB
-
MD5
ccd138adfd7b6c7806ebf5a69fb0ec5d
-
SHA1
7173bca3c26c25d3948ed8dce5607797500ac3ae
-
SHA256
9b01b990c37f143b763b4dda75f54a9bff6f916bcee6af8ea7cec7be0481e4b5
-
SHA512
bcfd77b0f35db7774a4c95ad91f6dd597afd9913139ce2bc9b3bcc013ba5fff74160c71cccd8cdaf240df4f1386bcec7504402488f2408903a8baa3aea479136
-
SSDEEP
384:oLam4PanO4Y7pcdYGiTOCsPodxxM2AQk93vmhm7UMKmIEecKdbXTzm9bVhcaQ601:W63vc7OQ2A/vMHTi9bD
Malware Config
Extracted
njrat
v2.0
HacKed
sfg1.ddns.net:1177
Windows
-
reg_key
Windows
-
splitter
|-F-|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource mjed.exe
Files
-
mjed.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ