njrat | 69999ed4f1f24f54bd45cb9d1c80a5340712e9c6719957bd4e700d3483594c47

General

Target

69999ed4f1f24f54bd45cb9d1c80a5340712e9c6719957bd4e700d3483594c47
Size

33KB
MD5

bb6c01f7904a06bd102d1c9dcf124abe
SHA1

5e02d94362905747bea00d18e06e799d9ab682ed
SHA256

69999ed4f1f24f54bd45cb9d1c80a5340712e9c6719957bd4e700d3483594c47
SHA512

34937f6e8d88bbc7de85d4e575e41446819a69f76995ce78e4da6f6f0bc61fb917924c8158717089d13025bbe33d91ff1a6fe686e88866d33fad13330a5f4217
SSDEEP

768:qRSdyhds6jm80e0J7dM2pSp4pBefd7ZZeLnNeTqRV1NVDW3NykiadHFjK:qRSdye8Dw7P7Bel7ZZeTFVvVDGriadH8

Score

10^/10

njrat

Family

njrat

C2

hakim32.ddns.net:2000

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c471b2d1d86cac31a117363ed55a71714aeec937f9a73977d2f2329914252f97.exe

69999ed4f1f24f54bd45cb9d1c80a5340712e9c6719957bd4e700d3483594c47
.zip

Password: infected
c471b2d1d86cac31a117363ed55a71714aeec937f9a73977d2f2329914252f97.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ