General
-
Target
Jordan cheats CS 2.exe
-
Size
37KB
-
MD5
84d0148efc1b1672f21eda9c1f198beb
-
SHA1
b0e082952fc0640a285f535be0ee100a1c35b046
-
SHA256
0ea6856804bd0c61d3e9584eaab74308e2dcbdaefcadec346438fd53f2854ad6
-
SHA512
44b996d23c52b9f8849ae193c6f5f40f7cb16169bb11c7fd5ef842cb9c71ac2ee4875b1606f89734a7830566464bc9543749e8444d1dace7115a91871c97672e
-
SSDEEP
384:VzHEIiej/CVLO309Qmykrt2u9wOlfgvuCwvrAF+rMRTyN/0L+EcoinblneHQM3eM:J+dGdkrwIBgWCmrM+rMRa8NuJOt
Malware Config
Extracted
njrat
im523
HacKed
127.0.0.1:2278
0a57d0b1009ca959b460552dc6d366aa
-
reg_key
0a57d0b1009ca959b460552dc6d366aa
-
splitter
|'|'|
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Jordan cheats CS 2.exe
Files
-
Jordan cheats CS 2.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ