njrat | db6b3adbbe671aacaf14cead1008f03f54adac659994fd9ab9f1336058fe6a7c

General

Target

db6b3adbbe671aacaf14cead1008f03f54adac659994fd9ab9f1336058fe6a7c
Size

10KB
MD5

07b352d8f77b6af85b59b65bde1721c4
SHA1

13d3065628c10aca655bc0c443bdf53fadc5d7d4
SHA256

db6b3adbbe671aacaf14cead1008f03f54adac659994fd9ab9f1336058fe6a7c
SHA512

42a5aa7eb406a0871084f7d5ac1ab4a568bc71766398b93d8267412d7eba1c003b7e6875154447fa2b7bb060c1172eeeab120106b9f8528d9568227508e3bdd9
SSDEEP

192:W6fNuSxFbZMlzMZQOJSNe7IoS70qCnSlkq1mAa7SxITXyKif8xVpTaccJOK:WlSxtZekQq97yRCnIkqZa7/MUdmaK

Score

10^/10

nyan cat njrat

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

20.234.71.164:1021

Mutex

15c6632c07f1

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/654553fbf3eb2b4d62f626efcd81da99001f87857c7efd8f49f8281459018c58.exe

db6b3adbbe671aacaf14cead1008f03f54adac659994fd9ab9f1336058fe6a7c
.zip

Password: infected
654553fbf3eb2b4d62f626efcd81da99001f87857c7efd8f49f8281459018c58.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ