njrat | 86de17299102d116efc93dd9ab753341104c2f93073ff4520265ae20d8d571a0

General

Target

86de17299102d116efc93dd9ab753341104c2f93073ff4520265ae20d8d571a0
Size

10KB
MD5

423cadb6c4c653a0079e37dfda771a2f
SHA1

d31baceaac9c43ac94aeb7cd0e1663cff7a68cf9
SHA256

86de17299102d116efc93dd9ab753341104c2f93073ff4520265ae20d8d571a0
SHA512

f9d342d1e14c0bc84ae56f3736d19db86342db6a717d61dcb696b7ddba6195eabfd181785e3c8c404c9a124a6203b5871e2f4e723941e929aa689063b1b35033
SSDEEP

192:ojrWLX4VqxgoW7yfFnqZOA4+W6SMGjzw2ANyWnqHKhN5fgPs1edBqAoq:oj6LoVqxdf1AOtHDzqxh/flWqAoq

Score

10^/10

nyan cat njrat

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

alma27.duckdns.org:2552

Mutex

c11d8e2894cb4e

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c671155c2ff3529435a4facaabd8a06c6f5e559ff24763d6f387bc818c453727.exe

86de17299102d116efc93dd9ab753341104c2f93073ff4520265ae20d8d571a0
.zip

Password: infected
c671155c2ff3529435a4facaabd8a06c6f5e559ff24763d6f387bc818c453727.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ