Behavioral task: behavioral1
Sample: 8378e05aa79b2da510aa3aeb6a59ffbf.exe
Resource: win7-20240419-en

Behavioral task: behavioral2
Sample: 8378e05aa79b2da510aa3aeb6a59ffbf.exe
Resource: win10v2004-20240611-en

General
Target: 8378e05aa79b2da510aa3aeb6a59ffbf.bin
Size: 93KB
MD5: 8378e05aa79b2da510aa3aeb6a59ffbf
SHA1: 0f249bfe90b99d3e357630d144f126fab6bc1bd4
SHA256: 938bfca60c445e9e91f3c17c83b011be538e8f0aabcfc3c25a2d82c8ce902db3
SHA512: 181f7a0828c65db6b554adbf8cffe2cfc13e265fabd80aaccec358380aad6de41418dea97e79a67992f5e1b593a5234c232305051720c973b6cc1d8636f64692
SSDEEP: 1536:A+RnEoSnsqS5ut9YMR8SjEwzGi1dDeDsgS:A+tSnsqS5uTYM+7i1dwF

Malware Config
Extracted
njrat
0.7d
HacKed
hakim32.ddns.net:2000
85.234.6.210:1337
8654a281c9f4fdd6b7fb66d728ad2a41
reg_key: 8654a281c9f4fdd6b7fb66d728ad2a41
splitter: |'|'|

Signatures
Njrat family
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 8378e05aa79b2da510aa3aeb6a59ffbf.bin

Files
8378e05aa79b2da510aa3aeb6a59ffbf.bin.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ