Behavioral task
behavioral1
Sample
2792-29-0x00000000002A0000-0x0000000000B6A000-memory.exe
Resource
win7-20240903-en
General
-
Target
2792-29-0x00000000002A0000-0x0000000000B6A000-memory.dmp
-
Size
8.8MB
-
MD5
dc12c3ed6545883e412fd53aee9f9bc8
-
SHA1
745727e55ea35ef91fdae244f1d09f146309090c
-
SHA256
590383f4bc81eb472544475d3f93b43967d12d499a1bc46e031d7cd5001d348c
-
SHA512
eef34bca2e27e0e1ea61c12d82a85407a852b7ef236c4d6a91ec2e85a9be4a85219363759dbb2db23744c7772b9ccd0209977621a681f1345fa5754bfe30be4c
-
SSDEEP
196608:Ryz6ERB80Yd/m9r8IstNEcOq+OM2OYje:RI6ERBud/m9rmDOezj
Malware Config
Extracted
njrat
v4.0
HacKed
still-obviously.gl.at.ply.gg:46857
Windows
-
reg_key
Windows
-
splitter
|-F-|
Signatures
Files
-
2792-29-0x00000000002A0000-0x0000000000B6A000-memory.dmp.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ