njrat | 3a33929b7a057fe0192bf91aa7c26eb312ef1b1653d106e85c329aa52b0b001b

General

Target

3a33929b7a057fe0192bf91aa7c26eb312ef1b1653d106e85c329aa52b0b001b
Size

11KB
MD5

b502720eb0645a6aa0e5915b2dc7a006
SHA1

775e5961a1cb4421d22282795f5dd4800e687ed4
SHA256

3a33929b7a057fe0192bf91aa7c26eb312ef1b1653d106e85c329aa52b0b001b
SHA512

847f693c8f8ee17254b722c75e9615f8862e5ba09b9def467ba953be6c15c873640bd489cc44c160a815fdc27ce36601e8a80cf8a15ca9dd30b8bf8be5fee280
SSDEEP

192:QKA1F7gTjuiPpl4JNu09geWtOMUa/ucXpDFDb5VZFeHozxB5V2jHHsWsvlknqWvs:DdTjusG9b8jUKNDF5VZcIz/KjHFA8hbO

Score

10^/10

hacked njrat

Family

njrat

Version

0.7d

Botnet

HacKed

C2

fallenvrsdo7ne.ddns.net:1177

Mutex

5a1dceb696560575497ef5faf4d00de1

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bc77b4592acc8dc3708179fd8719405271052addb074c04db57f0f1699e77708.exe

3a33929b7a057fe0192bf91aa7c26eb312ef1b1653d106e85c329aa52b0b001b
.zip

Password: infected
bc77b4592acc8dc3708179fd8719405271052addb074c04db57f0f1699e77708.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ