njrat | b2b37be78d335c4b7f590e696c3f18f34650eba890f3740e35ad4b45185bce80

General

Target

b2b37be78d335c4b7f590e696c3f18f34650eba890f3740e35ad4b45185bce80
Size

10KB
MD5

4355d9caa55d4138165e2c1f47ae2cf8
SHA1

f011a70bbfb6b75663593d0506e42bee279fa6f7
SHA256

b2b37be78d335c4b7f590e696c3f18f34650eba890f3740e35ad4b45185bce80
SHA512

f52ff44061e16713cfa1066b6b63e124176f8ef34e6eb91761cddc3e379052bf6961c5220e2086a816b3be7405876cec1b9af8e8bd2712bd2e34b4aa2e5f2c23
SSDEEP

192:hxlXvCZUeucECnotGeQGXWFsAaFPVnBjPG5K50ykk3L5g30KK6ecn4CvO:hCe5cEOpGXCgjnJe4R3LvKKO4AO

Score

10^/10

nyan cat njrat

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

asegurar1s.duckdns.org:5050

Mutex

4c7709994c9c43749

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/10594a1471f951bfdee5d264250a67a34af443bd25af12d15c0295a92ee0b44a.exe

b2b37be78d335c4b7f590e696c3f18f34650eba890f3740e35ad4b45185bce80
.zip

Password: infected
10594a1471f951bfdee5d264250a67a34af443bd25af12d15c0295a92ee0b44a.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ