NjRat[.]0[.]7D[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

NjRat.0.7D.zip
Size

9.2MB
MD5

6a4984809b0b295b75d8a52095a70f73
SHA1

5b7fd2737d6f7c5541c17704534f7602f7465b8d
SHA256

902576f7f90174513a45bc82796b82c9264a57c82c0c72b7c9bf11e7da6bba96
SHA512

f54954b82b36c57604960c020e5674e413ca61a61111290c1712036d1f00175f1263967c5ce3674c5d28e606d3c06013d0d331faba24a3a1d77bd38429f22a1d
SSDEEP

196608:p3uLx63wJLFj37EL6GnrrrpPFXXmwB15EiuVnaUrHBB9UB:p4x+Gj3gXrr19Gwr+aQFm

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/NjRat 0.7D.exe
unpack001/Plugin/cam.dll
unpack001/Plugin/ch.dll
unpack001/Plugin/mic.dll
unpack001/Plugin/plg.dll
unpack001/Plugin/pw.dll
unpack001/Plugin/sc2.dll
unpack001/WinMM.Net.dll

Files

NjRat.0.7D.zip
.zip
GeoIP.dat
Icons/Bokehlicia-Captiva-Atom.ico
Icons/Bokehlicia-Captiva-Blender.ico
Icons/Bokehlicia-Captiva-Firewall-config.ico
Icons/Bokehlicia-Captiva-Nvidia-settings.ico
Icons/Bokehlicia-Captiva-Utilities-system-monitor.ico
Icons/Bokehlicia-Captiva-Web-slack.ico
Icons/Carlosjj-Microsoft-Office-2013-Access.ico
Icons/Carlosjj-Microsoft-Office-2013-Excel.ico
Icons/Carlosjj-Microsoft-Office-2013-InfoPath.ico
Icons/Carlosjj-Microsoft-Office-2013-Lync.ico
Icons/Carlosjj-Microsoft-Office-2013-Office.ico
Icons/Carlosjj-Microsoft-Office-2013-Outlook.ico
Icons/Carlosjj-Microsoft-Office-2013-PowerPoint.ico
Icons/Carlosjj-Microsoft-Office-2013-Word.ico
Icons/Ccard3dev-Dynamic-Yosemite-Numbers.ico
Icons/Chrisbanks2-Cold-Fusion-Hd-Radar.ico
Icons/Cornmanthe3rd-Plex-Android-App-drawer.ico
Icons/Cornmanthe3rd-Plex-Android-Baconreader.ico
Icons/Cornmanthe3rd-Plex-Android-Ebay.ico
Icons/Graphicloads-Colorful-Long-Shadow-Analytics.ico
Icons/Graphicloads-Colorful-Long-Shadow-Cloud.ico
Icons/Graphicloads-Colorful-Long-Shadow-Favourite.ico
Icons/Graphicloads-Colorful-Long-Shadow-Restaurant.ico
Icons/Graphicloads-Polygon-Cart-add.ico
Icons/Graphicloads-Seo-Services-Pay-per-click.ico
Icons/Harwen-Red-Christmas-Home.ico
Icons/Harwen-V-Day-Valentines-Day-Honey.ico
Icons/Harwen-V-Day-Valentines-Day-Present.ico
Icons/Hopstarter-Sleek-Xp-Basic-Money.ico
Icons/Hopstarter-Sleek-Xp-Software-Opera.ico
Icons/Iconka-St-Patricks-Day-Hat-tophat.ico
Icons/Icons-Land-Weather-Moon-Phase-Full.ico
Icons/Icons-Land-Weather-Sleet.ico
Icons/Icons8-Windows-8-Logos-Xbox.ico
Icons/Icons8-Windows-8-Security-Security-Checked.ico
Icons/Iconshock-Trendy-Guys-Andrew.ico
Icons/Indeepop-Crazy-Crown.ico
Icons/Johanchalibert-Mac-Osx-Yosemite-Safari.ico
Icons/Kevin-Thompson-Love-And-Breakup-Love-box.ico
Icons/Paddy-Web20rigami-Firefox.ico
Icons/Petalart-Business-Cloud-upload.ico
Icons/Ph03nyx-Super-Mario-Mushroom-Super.ico
Icons/Photoshopedia-Xedia-Firefox.ico
Icons/Tooschee-Misc-Present.ico
Icons/Tooschee-Misc-Sync.ico
Icons/Wallpaperfx-3d-Softwarefx-Acrobat-Reader.ico
Icons/Wallpaperfx-3d-Softwarefx-Chrome.ico
Icons/Wallpaperfx-3d-Softwarefx-Dreamviewer.ico
Icons/Wallpaperfx-3d-Softwarefx-Facebook.ico
Icons/Wallpaperfx-3d-Softwarefx-Firefox.ico
Icons/Wallpaperfx-3d-Softwarefx-ITunes.ico
Icons/Wallpaperfx-3d-Softwarefx-Illustrator.ico
Icons/Wallpaperfx-3d-Softwarefx-Photoshop.ico
Icons/Wallpaperfx-3d-Softwarefx-Quicktime.ico
Icons/Wallpaperfx-3d-Softwarefx-Safari.ico
Icons/Wallpaperfx-3d-Softwarefx-Skype.ico
Icons/Wallpaperfx-3d-Softwarefx-Thunderbird.ico
Icons/Wallpaperfx-3d-Softwarefx-Utorrent.ico
Icons/Wallpaperfx-3d-Softwarefx-Vlc.ico
Icons/Wallpaperfx-3d-Softwarefx-Winamp.ico
Icons/Wallpaperfx-3d-Softwarefx-Windows-Media-Player.ico
Icons/Wallpaperfx-3d-Softwarefx-Yahoo.ico
Icons/Wallpaperfx-3d-Softwarefx-Youtube.ico
NjRat 0.7D.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\HMJ\Desktop\njRAT v0.7d (SRC)\SRC - NjRAT 0.7D\NjRAT\obj\Debug\NjRat 0.7D.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 8.5MB - Virtual size: 8.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugin/cam.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugin/ch.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugin/mic.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugin/plg.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugin/pw.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugin/sc2.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stub/Stub.il
Stub/Stub.manifest
.xml
WinMM.Net.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 8.5MB - Virtual size: 8.5MB

.rsrc Size: 35KB - Virtual size: 35KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 97KB - Virtual size: 96KB

.sdata Size: 512B - Virtual size: 177B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 43KB - Virtual size: 42KB

.sdata Size: 512B - Virtual size: 177B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 74KB - Virtual size: 74KB

.sdata Size: 512B - Virtual size: 177B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 62KB - Virtual size: 62KB

.sdata Size: 512B - Virtual size: 177B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 270KB - Virtual size: 270KB

.sdata Size: 512B - Virtual size: 177B

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 43KB - Virtual size: 43KB

.sdata Size: 512B - Virtual size: 177B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

.text
Size: 8.5MB - Virtual size: 8.5MB

.rsrc
Size: 35KB - Virtual size: 35KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 97KB - Virtual size: 96KB

.sdata
Size: 512B - Virtual size: 177B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 43KB - Virtual size: 42KB

.sdata
Size: 512B - Virtual size: 177B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 74KB - Virtual size: 74KB

.sdata
Size: 512B - Virtual size: 177B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 62KB - Virtual size: 62KB

.sdata
Size: 512B - Virtual size: 177B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 270KB - Virtual size: 270KB

.sdata
Size: 512B - Virtual size: 177B

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 43KB - Virtual size: 43KB

.sdata
Size: 512B - Virtual size: 177B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 12B