njrat | HiDDen PerSOn Crypter Free[.]exe | Triage

Sharing

General

Target

HiDDen PerSOn Crypter Free.exe
Size

1.7MB
MD5

8472f47811485884ff54d8a769172f2a
SHA1

e0fc9d21c0505ef9ffd984cb4adc5ce6e75f8836
SHA256

8d8ef6f47cf840dfb643794b533cd20b1d096f49e30cae70e6fe2717322cd8af
SHA512

4d0c2507183efcafc4816d12bc9a99f95f5954cf86a72affd648a638f0c3c2ee0e869ea3a8e310748405647915d354c009ee4f9e6eb7f28fb25b4995254f7c6e
SSDEEP

24576:TNHC9HCo0ESdQpglO1CxDyawn27h+9hrlgKQY9SGcZwCdspsds5tLgMDKQwpZ:sQo0RIglO1CuL9VNcaCdGszCK

Score

10^/10

njrat

Malware Config

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HiDDen PerSOn Crypter Free.exe

Files

HiDDen PerSOn Crypter Free.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ