njrat | 9dd52b40a3ae0a4247054f3472ef35f93c0575d064e6b9acbbc5f327bfa7f9fb

General

Target

9dd52b40a3ae0a4247054f3472ef35f93c0575d064e6b9acbbc5f327bfa7f9fb
Size

34KB
MD5

8bcf723b79d848e84c6f4900fe5efe06
SHA1

e7da6ccf0623d995fcd78b5b6c6df96786b78549
SHA256

9dd52b40a3ae0a4247054f3472ef35f93c0575d064e6b9acbbc5f327bfa7f9fb
SHA512

cc127c748a3cc80bcb50e9c3739665b352da4f922b02e2879f96e5a243b30010c0bfef0cf80c157e461b3052771ad7ef4198e62669504424767c57cf219433ee
SSDEEP

768:ATTHqAij2ccYNuubAPZAMaVMeC49xX7uipUAlZ1:i1iC0ufPX7arlpUAD1

Score

10^/10

hacked njrat

Family

njrat

Version

0.7d

Botnet

HacKed

C2

hakim32.ddns.net:2000

svr1.mcsvr.online:27339

Mutex

83f035c7891be2d12e8a2b5de2568b9f

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/045d53361953bf6e24021d351ed7ae482a13253cdec4f4dfdcb2e724c6bf9ac6

9dd52b40a3ae0a4247054f3472ef35f93c0575d064e6b9acbbc5f327bfa7f9fb
.zip

Password: infected
045d53361953bf6e24021d351ed7ae482a13253cdec4f4dfdcb2e724c6bf9ac6
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ