njrat | d88d9478a3df86f3aad088f1d93e25f31eb9ad74a01f087b1a4a9533daf25fa6[.]exe

General

Target

d88d9478a3df86f3aad088f1d93e25f31eb9ad74a01f087b1a4a9533daf25fa6.exe
Size

35KB
MD5

fb7f625eaf12d695aef5428a1433b0c8
SHA1

ed62ab0f392fba85c32977f96ff5cd01092e2898
SHA256

200d11cd8fe4e8f7a6f67d79c2c3c74fca63712c421ac999e49221232f355e88
SHA512

f379aaf1fcf1dff44436386b5f3dd198664caa98675dfcc3187bf2b255763a56de4a6a85486b464de6ea2a616479b0cf0ee86319b1a060432976dcaaf16570f5
SSDEEP

768:N7kprWOT9k3Cd4AJ/xssHJTVrj/okBDXZ6SmplA7PS+bHrT4Q:N+iOT9kSd5rpJTVrjA0V6hlkS+MQ

Score

10^/10

server njrat

Family

njrat

Version

0.7d

Botnet

Server

C2

hakim32.ddns.net:2000

0.tcp.jp.ngrok.io:12215

Mutex

cae159ad290a06b8a442e247969718ad

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume3/Users/Usuario/Downloads/d88d9478a3df86f3aad088f1d93e25f31eb9ad74a01f087b1a4a9533daf25fa6.exe

d88d9478a3df86f3aad088f1d93e25f31eb9ad74a01f087b1a4a9533daf25fa6.exe
.zip

Password: Sentinel1!
Device/HarddiskVolume3/Users/Usuario/Downloads/d88d9478a3df86f3aad088f1d93e25f31eb9ad74a01f087b1a4a9533daf25fa6.exe
.exe windows:4 windows x86 arch:x86

Password: Sentinel1!

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manifest.json