njrat | anonymous42 info[.]rar

Resubmissions

22-07-2024 13:58

240722-q95hga1arg 10

22-07-2024 13:55

240722-q8c2ts1hjr 10

22-07-2024 13:46

240722-q3dfea1emq 10

22-07-2024 13:42

240722-qzn3qs1djr 10

Sharing

Copy URL

Twitter E-mail

General

Target

anonymous42 info.rar
Size

31KB
MD5

116d47f718486d216cb167a6d49c45f6
SHA1

71792ec78c58f77918ed031f99c4a51c6ae0e6fe
SHA256

0879d73063bf5b902c68e64687a11dc4595a5336a9a100d774bc0506d670fc8b
SHA512

8d652b39e9d20ee3358d8e21dab8c0521aa31eaae1533a59a8916f627ef999480e3a699661bb46b82934ce1a794cc9732092b435f4c748ed7cfe27a7feab7fa3
SSDEEP

768:PQgT3zcTF6qsB65N9VfHjvtxnaE9sy93t9L2FxxbZtFxle4o:v3zc4HB65DJ7RfL2zlA

Score

10^/10

ericd njrat

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Ericd

hakim32.ddns.net:2000

127.0.0.1:10735

Mutex

1fc11d500862b0f4c354276c41420c64

Attributes

reg_key
1fc11d500862b0f4c354276c41420c64
splitter
|'|'|

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/anonymous42 info.exe

Files

anonymous42 info.rar
.rar
anonymous42 info.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 92KB - Virtual size: 91KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 92KB - Virtual size: 91KB

.reloc
Size: 512B - Virtual size: 12B