njrat | c6b43bc584c6af235cd543a3d126f07966d86a9c78ea1c781ea3f449e5dd8920

General

Target

c6b43bc584c6af235cd543a3d126f07966d86a9c78ea1c781ea3f449e5dd8920
Size

10KB
MD5

f8bef7d94e0d9bab4cd8cd7fff051d6c
SHA1

afa7e0cf22c393dc1add18949aaec9fef6c171b3
SHA256

c6b43bc584c6af235cd543a3d126f07966d86a9c78ea1c781ea3f449e5dd8920
SHA512

7a1ed0ef977f3d7baadbceaf9939de036dc47f6f7bd9c97e7761a5e2571d9afd350072dc2af2be12cc4aeae67a074a45b63050b25ecc4240aa175ae79fcef687
SSDEEP

192:YAfjo4OH1YYgsvbwzWFqAcLexlXb2/WL1ns++ptokS6lFCuAEBfxUBQe4GFR:YA8vVYYgsvRDOZptokFmEdxUBQHOR

Score

10^/10

nyan cat njrat

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

rusia.duckdns.org:1994

Mutex

872414d4271b4b56a

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/6cd120ca11ebe09c75358cb33c95d503e5be127ce725c2a28e9b3bb925de4292.exe

c6b43bc584c6af235cd543a3d126f07966d86a9c78ea1c781ea3f449e5dd8920
.zip

Password: infected
6cd120ca11ebe09c75358cb33c95d503e5be127ce725c2a28e9b3bb925de4292.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ