njrat | Server[.]exe

Resubmissions

12-01-2025 12:25

250112-pl1c6svkfj 10

11-01-2025 18:40

250111-xa6d2swkhs 10

Sharing

Copy URL

Twitter E-mail

General

Target

Server.exe
Size

37KB
MD5

9c4756c64c1766f12170521fef786ec3
SHA1

38b1263c929b1801dce4b2dd41b03375f1a3ab5e
SHA256

33cbeb7e1cbd6b8a131403a0008af4295f78c9a8ee4dccc8e2b2923ebd70b0c6
SHA512

dba2a630552b46f1df0552c525ee0ce351c805cf275b8921669d0c8f4ac35c998c9bddf4e88f014fe8fe34f95dd2aae14165f110166258aa7b39ed81b5a0452a
SSDEEP

384:qnxqiU754NLHdayszjzc/j9s2UBmrAF+rMRTyN/0L+EcoinblneHQM3epzX9NrnZ:2ZZdJszjzch1UUrM+rMRa8Nub9t

Score

10^/10

test njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

Test

foshigh-22602.portmap.host:22602

Mutex

7a8e3dbbded41bf7b8dd4ab3840130ea

Attributes

reg_key
7a8e3dbbded41bf7b8dd4ab3840130ea
splitter
|'|'|

Signatures

Njrat family
njrat

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Server.exe

Files

Server.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 35KB - Virtual size: 34KB

.rsrc Size: 1024B - Virtual size: 576B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 35KB - Virtual size: 34KB

.rsrc
Size: 1024B - Virtual size: 576B

.reloc
Size: 512B - Virtual size: 12B