Behavioral task
behavioral1
Sample
a458a33e5591c3fd7f7c8ae58d50ce55.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
a458a33e5591c3fd7f7c8ae58d50ce55.exe
Resource
win10v2004-20240802-en
General
-
Target
a458a33e5591c3fd7f7c8ae58d50ce55.exe
-
Size
91KB
-
MD5
a458a33e5591c3fd7f7c8ae58d50ce55
-
SHA1
e9342f2bd7db767d12e0b5faa1f2918bdabafe77
-
SHA256
95e922bc96ec909a9eb80ae3716af0038ee3de24fc22b569c527764bf3be27a1
-
SHA512
4891d5e2cee561b87ff2399392168eaedc4df7fc312f0f00949dc97e9098bdb74e13f4a07ce42d660205c0afe55419ac1fbe6c328b343e267d626289b0e6e81e
-
SSDEEP
768:nGZefiM+0uGAfIi+qXuzMywjZdLJakHX+xWvYR4SYzktFI3tr3/iTnRVOR1MY4ss:hfil0pUjBjZdL4kHG5mktQJVR1Fpiv
Malware Config
Extracted
njrat
hakim32.ddns.net:2000
Signatures
-
Njrat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a458a33e5591c3fd7f7c8ae58d50ce55.exe
Files
-
a458a33e5591c3fd7f7c8ae58d50ce55.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 90KB - Virtual size: 89KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ