njrat | 27d1dbafa7b40bb4c94dde487ed08389_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27d1dbafa7b40bb4c94dde487ed08389_JaffaCakes118
Size

38KB
MD5

27d1dbafa7b40bb4c94dde487ed08389
SHA1

dd3ea3daadac1dd22b5a9974d77a4cfefa580d81
SHA256

d981aeb3336b6ad7f414af8ab4cdb20ebf6df88cdd0e74579ecad0f823a3723c
SHA512

acee63960f7d00b43768f2f1ce4b9a3ad8b35a1e57d74eb1846a61ed3a6a88a492b1e1f76a9aaf260fe29fc90896d302ce3782d5ad6b7c06142b0b5af589d866
SSDEEP

768:DsYQsZ1MGi/rzrKYeEEbHuKUl18aP0rSOuNx7YxwYM7Kbajv:AY9Z1gjHcL81r0SYxwYM7Kwv

Score

10^/10

njrat

Malware Config

Signatures

Njrat family
njrat

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/R-Aimbot v1.0/r-aimbot.dll
unpack001/R-Aimbot v1.0/r-aimbot.exe

Files

27d1dbafa7b40bb4c94dde487ed08389_JaffaCakes118
.rar
R-Aimbot v1.0/r-aimbot.cfg
R-Aimbot v1.0/r-aimbot.dll
.dll windows:5 windows x86 arch:x86

b9e80ad2c93637b6803ec6126cc4a8f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcr90

_decode_pointer

opengl32

glLoadIdentity

Sections

.text
Size: 12KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
R-Aimbot v1.0/r-aimbot.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 770B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
R-Aimbot v1.0/readme.txt

Sharing

General

Malware Config

Signatures

Files

b9e80ad2c93637b6803ec6126cc4a8f4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcr90

opengl32

Sections

.text Size: 12KB - Virtual size: 44KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 512B

Headers

File Characteristics

Sections

CODE Size: 5KB - Virtual size: 4KB

DATA Size: 512B - Virtual size: 124B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 770B

.tls Size: - Virtual size: 4B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 512B - Virtual size: 456B

.rsrc Size: 38KB - Virtual size: 38KB

.text
Size: 12KB - Virtual size: 44KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 512B

CODE
Size: 5KB - Virtual size: 4KB

DATA
Size: 512B - Virtual size: 124B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 770B

.tls
Size: - Virtual size: 4B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 512B - Virtual size: 456B

.rsrc
Size: 38KB - Virtual size: 38KB