njrat | 758f206c1045dcebb04e91c11fe94508ba3dc4d71333b897f8842a162fd6744b

General

Target

758f206c1045dcebb04e91c11fe94508ba3dc4d71333b897f8842a162fd6744b
Size

10KB
MD5

ed2ae35cd3e6539e01ab7b37e8d5992d
SHA1

734a73d78eefbaec59a4638b289fa1b04b0956c1
SHA256

758f206c1045dcebb04e91c11fe94508ba3dc4d71333b897f8842a162fd6744b
SHA512

af9e92bec72484e329998261e480cba84c72ac9954ae18def23390ea6c249f2c00cb7a323860f10acd075f493fe9d406445832e95edd8f4473fe5adef49023ed
SSDEEP

192:TlFdaCN4HvkmJh6sgOx9iq3vMqAyN7qjfo4DwlIrYhEinukOc3J7NwHEtQKPL:TjdpCcGh6sg09ZvMlyNmjwEwaYhLnOcl

Score

10^/10

nyan cat njrat

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

vbatallafinal23.duckdns.org:0101

Mutex

5a1c382f7688415aa79

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5079d77c36ad411dc614e579e28c2a95b96fc2372effd822f1c718fda39abb5a.exe

758f206c1045dcebb04e91c11fe94508ba3dc4d71333b897f8842a162fd6744b
.zip

Password: infected
5079d77c36ad411dc614e579e28c2a95b96fc2372effd822f1c718fda39abb5a.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ