njrat | 32e56568c0385761b7f7b49e09e7eeb387cd84c860c73192134baaabcd1c2ee2

General

Target

32e56568c0385761b7f7b49e09e7eeb387cd84c860c73192134baaabcd1c2ee2
Size

10KB
MD5

23687581feb38f2b720d8a9bbbfd93b8
SHA1

fad0123ee6df08ee4b235bcbf229448e5e4b2028
SHA256

32e56568c0385761b7f7b49e09e7eeb387cd84c860c73192134baaabcd1c2ee2
SHA512

1aa6e2fd0244cc8eee9ae21c724d24fe9f5ce776fee8af21e2f4a7538dda8dc79632545a7761753edf01179bb3a512fba72c4aa27f21577b54ab62da6b621607
SSDEEP

192:JuGH147GRa2v16SMsatGbE0n2GFQ/zfCXwNYoHaJbHE7yc8I:YGVbXv17Nasg0f8NzHaKucP

Score

10^/10

nyan cat njrat

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

20.206.240.63:1024

Mutex

3129cd63c193

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/eaa96c58f2e46c920ccca77cec3f195cb3be4b035df67eda3aef8a39176f532c.exe

32e56568c0385761b7f7b49e09e7eeb387cd84c860c73192134baaabcd1c2ee2
.zip

Password: infected
eaa96c58f2e46c920ccca77cec3f195cb3be4b035df67eda3aef8a39176f532c.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ