njrat | Setup[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Setup.exe
Size

28KB
MD5

ea483304966774e3fc0c311a430bca02
SHA1

e9f03aa33bed377b6a00a6dff44608f78d989ce2
SHA256

61b34eaa717355a8c09d263ecefb998f4f2b863b1d5db1c2c3eb037471a85406
SHA512

93e647adf07b1f6eae7a7c76dbd5e5978f5e9d18feb2ed91b0d0518b25f7c4022aee7ca7e1bb28c8c4fa9cfc73035cea8894e7d2531ce72f60dc052cd31ea679
SSDEEP

384:tLL+lKX1/bnjUWXY5wI/fn/2TdNlfqaLW5Xh11m0LE2uWGCbiNrxwXPRNK62MJOq:lzYn5wI/HYN9fEXr1m0LcWfbXOBFs

Score

10^/10

njrat

Malware Config

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Setup.exe

Files

Setup.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ