njrat | 2d7b184bc63715d13321aa385accd2eadb04310d49119b80f5c6d5c686053ee1[.]zip

General

Target

2d7b184bc63715d13321aa385accd2eadb04310d49119b80f5c6d5c686053ee1.zip
Size

83KB
MD5

03a562feeb11abfd2f119241bdde707b
SHA1

82c06e87860ed0570c3d30f6e395a2166f4368dd
SHA256

e7c4282ecdd0036cb8976163c369a41fc95fdef2b435390d6bcd3477a549c646
SHA512

76fda37a9396e96e9c5edb20423f31f11158d1691bdc4cf01a4bd582df57806ed6b27b1b132fb4b17bb24b4aff36b35297b9d9f36d04db8a6c752d045c88934b
SSDEEP

1536:N8g0QpLqeAXjphKADv7sd8qRU8N5BMc9tZpNqU7ZpTNGoinzkO7:pdSK+21U8N5BM+0winzkO7

Score

10^/10

njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/2d7b184bc63715d13321aa385accd2eadb04310d49119b80f5c6d5c686053ee1.exe

2d7b184bc63715d13321aa385accd2eadb04310d49119b80f5c6d5c686053ee1.zip
.zip

Password: infected
2d7b184bc63715d13321aa385accd2eadb04310d49119b80f5c6d5c686053ee1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ