General
Target: zeusxcsgo.exe
Size: 54KB
MD5: 2a1807a44c25f3daebafe152d9d729c0
SHA1: 51dd9a2c839eb4151312f4943275569ae74d617b
SHA256: e10dac97fedeab685ec73c1082125c1547280aa93a8ef1e526f765eb85a6d062
SHA512: 5b69b173a82639d16f2e176c7fa66bcd23127a5f7364449160798d5b24e4a699ebc3c9e4ed49394522a1b06373b31f60ce8a2674c81911eec8a78d5b0afd97e0
SSDEEP: 768:JCErK+n4et1Man8W2NqYJ45B3oPkSNjmwFvfu0YMDHPswL7XJSxI3pmYm:J1cMDnUNqYJ4DWDKwsNMDjXExI3pmYm
Malware Config
Extracted
njrat
<- NjRAT 0.7d Horror Edition ->
Victim
127.0.0.1:1604
a83cc24c96c576ad7395bc362a9446cf
reg_key: a83cc24c96c576ad7395bc362a9446cf
splitter: Y262SUCZ4UJJ
Signatures
Njrat family
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource zeusxcsgo.exe
Files
zeusxcsgo.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ