njrat | c7d0840368e9d5d1ad4a8ecd5eee8f02 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7d0840368e9d5d1ad4a8ecd5eee8f02
Size

80KB
MD5

c7d0840368e9d5d1ad4a8ecd5eee8f02
SHA1

5bd0ea6ab7aed86fd27d2683d906aedf0cdcdd7a
SHA256

fbf73e11b86137aa9ca822eda2071bd63e74e35f1a87636560eb03a36ec1ecb3
SHA512

9471d69697253ec71aa6c53709475832b1a951faae4202954a985829d9f404d52dd81b77982b39607e327a132f333819ec3d70fd0ab0340b6ea101a543e9bee7
SSDEEP

768:hze/4JBanyhYbXS1qAJizBrXUa590TRXZ66QDY/X9u0hcbfryU:5C4JBanyhYbXSCzBrXUdKY/Xg8cbTy

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Botnet

HacKed

Mutex

53$79$73$74$65$6d$33$32

Attributes

reg_key
53$79$73$74$65$6d$33$32
splitter
|-F-|

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7d0840368e9d5d1ad4a8ecd5eee8f02

Files

c7d0840368e9d5d1ad4a8ecd5eee8f02
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ