Behavioral task
behavioral1
Sample
ROBLOX HACKING LOLLLL XD XD XD XD XD XDX D XD XD X DXX DXDX DXDXD X DX DX DX DX DXD.exe
Resource
win10-20240221-en
General
-
Target
ROBLOX HACKING LOLLLL XD XD XD XD XD XDX D XD XD X DXX DXDX DXDXD X DX DX DX DX DXD.exe
-
Size
67KB
-
MD5
6d7056b8ffda89562aae758e22b063b4
-
SHA1
dcc45297abc6d3facb19746245b1d18e55307e4b
-
SHA256
8a1364d1d1254b51557f2b76e8abfe37bbd6b5220894f32e4fad64b115bd7ece
-
SHA512
08f0e1a19c252b028758b5454746e38f21eadc10e8c47ec9e15b4f4ff4a614b72306be07373f94d68665fd1a4053195af1101c01d556ea0aac75bef43664c423
-
SSDEEP
1536:+LE3nYi9bScWq2dH3RZ7dWWTA9/AWL+kYmfxdJu:+oXYi9bcqChhdW+Er+mxdJ
Malware Config
Extracted
njrat
v2.0
HacKed
sdg7.ddns.net:1177
Windows
-
reg_key
Windows
-
splitter
|-F-|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ROBLOX HACKING LOLLLL XD XD XD XD XD XDX D XD XD X DXX DXDX DXDXD X DX DX DX DX DXD.exe
Files
-
ROBLOX HACKING LOLLLL XD XD XD XD XD XDX D XD XD X DXX DXDX DXDXD X DX DX DX DX DXD.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ