njrat | Server[.]exe

Resubmissions

14/03/2024, 18:25

240314-w2v7qabd5z 10

14/03/2024, 18:20

240314-wy2v4abc8t 10

Sharing

Copy URL Twitter E-mail

General

Target

Server.exe
Size

22KB
MD5

8cf466a9d83bb0d47dad03026397e02d
SHA1

88b2ca63f9dfa5e2b34557f501883a07e2a3afea
SHA256

9e67113d60bf0260146a4c35841dbc95a23f57ef0a1092f3e24ff459317102be
SHA512

c01085198cd92bca3871e2f627f41bfd02c05a1c774072317b0e887e161e3e9ea29ebd59ed3fe86d21e68b8e21ea50c49a49893d61897bcd08d70ed1757285de
SSDEEP

384:0oWtkEwn65rgjAsGipk55D16ogXakhbZD0mRvR6JZlbw8hqIusZzZSb:j7O89p/rRpcnu/

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

7.tcp.ngrok.io:22206

Mutex

7ae22e6df0f10ff22b3bc61db4faf665

Attributes

reg_key
7ae22e6df0f10ff22b3bc61db4faf665
splitter
|'|'|

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Server.exe

Files

Server.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 21KB - Virtual size: 21KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 21KB - Virtual size: 21KB

.reloc
Size: 512B - Virtual size: 12B