NjRat Red Edition[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

NjRat Red Edition.rar
Size

8.2MB
MD5

f5e6018c3d1eaad0bf6acc1580dacb43
SHA1

8f22f30ecc35fcce9aab794587f7b33d10f2270e
SHA256

a2030815225eff8c32ffae0fcb785cd1761d093d205e7ff9d9f8a0c96f89c871
SHA512

80de1d6861ce851ca842e03dda8d7f1f35231b55481eca996f8892c21f354827c650354d768d2623216030a6790e49dc7ceef62fba69b90d17a0b75143c9cac2
SSDEEP

196608:ew3vlSABbd2f0OuBiYEhAdhK/+yBfbGyE4b2a70siw8:/tfbcMOuE4hKG8fbNOYz8

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NjRat Red Edition/NjRat 0.7D Red Edition.exe
unpack001/NjRat Red Edition/Plugin/cam.dll
unpack001/NjRat Red Edition/Plugin/ch.dll
unpack001/NjRat Red Edition/Plugin/mic.dll
unpack001/NjRat Red Edition/Plugin/plg.dll
unpack001/NjRat Red Edition/Plugin/pw.dll
unpack001/NjRat Red Edition/Plugin/sc2.dll
unpack001/NjRat Red Edition/WinMM.Net.dll

Files

NjRat Red Edition.rar
.rar

Password: 1
NjRat Red Edition/GeoIP.dat
NjRat Red Edition/Icons/Bokehlicia-Captiva-Atom.ico
NjRat Red Edition/Icons/Bokehlicia-Captiva-Blender.ico
NjRat Red Edition/Icons/Bokehlicia-Captiva-Firewall-config.ico
NjRat Red Edition/Icons/Bokehlicia-Captiva-Nvidia-settings.ico
NjRat Red Edition/Icons/Bokehlicia-Captiva-Utilities-system-monitor.ico
NjRat Red Edition/Icons/Bokehlicia-Captiva-Web-slack.ico
NjRat Red Edition/Icons/Carlosjj-Microsoft-Office-2013-Access.ico
NjRat Red Edition/Icons/Carlosjj-Microsoft-Office-2013-Excel.ico
NjRat Red Edition/Icons/Carlosjj-Microsoft-Office-2013-InfoPath.ico
NjRat Red Edition/Icons/Carlosjj-Microsoft-Office-2013-Lync.ico
NjRat Red Edition/Icons/Carlosjj-Microsoft-Office-2013-Office.ico
NjRat Red Edition/Icons/Carlosjj-Microsoft-Office-2013-Outlook.ico
NjRat Red Edition/Icons/Carlosjj-Microsoft-Office-2013-PowerPoint.ico
NjRat Red Edition/Icons/Carlosjj-Microsoft-Office-2013-Word.ico
NjRat Red Edition/Icons/Ccard3dev-Dynamic-Yosemite-Numbers.ico
NjRat Red Edition/Icons/Chrisbanks2-Cold-Fusion-Hd-Radar.ico
NjRat Red Edition/Icons/Cornmanthe3rd-Plex-Android-App-drawer.ico
NjRat Red Edition/Icons/Cornmanthe3rd-Plex-Android-Baconreader.ico
NjRat Red Edition/Icons/Cornmanthe3rd-Plex-Android-Ebay.ico
NjRat Red Edition/Icons/Graphicloads-Colorful-Long-Shadow-Analytics.ico
NjRat Red Edition/Icons/Graphicloads-Colorful-Long-Shadow-Cloud.ico
NjRat Red Edition/Icons/Graphicloads-Colorful-Long-Shadow-Favourite.ico
NjRat Red Edition/Icons/Graphicloads-Colorful-Long-Shadow-Restaurant.ico
NjRat Red Edition/Icons/Graphicloads-Polygon-Cart-add.ico
NjRat Red Edition/Icons/Graphicloads-Seo-Services-Pay-per-click.ico
NjRat Red Edition/Icons/Harwen-Red-Christmas-Home.ico
NjRat Red Edition/Icons/Harwen-V-Day-Valentines-Day-Honey.ico
NjRat Red Edition/Icons/Harwen-V-Day-Valentines-Day-Present.ico
NjRat Red Edition/Icons/Hopstarter-Sleek-Xp-Basic-Money.ico
NjRat Red Edition/Icons/Hopstarter-Sleek-Xp-Software-Opera.ico
NjRat Red Edition/Icons/Iconka-St-Patricks-Day-Hat-tophat.ico
NjRat Red Edition/Icons/Icons-Land-Weather-Moon-Phase-Full.ico
NjRat Red Edition/Icons/Icons-Land-Weather-Sleet.ico
NjRat Red Edition/Icons/Icons8-Windows-8-Logos-Xbox.ico
NjRat Red Edition/Icons/Icons8-Windows-8-Security-Security-Checked.ico
NjRat Red Edition/Icons/Iconshock-Trendy-Guys-Andrew.ico
NjRat Red Edition/Icons/Indeepop-Crazy-Crown.ico
NjRat Red Edition/Icons/Johanchalibert-Mac-Osx-Yosemite-Safari.ico
NjRat Red Edition/Icons/Kevin-Thompson-Love-And-Breakup-Love-box.ico
NjRat Red Edition/Icons/Paddy-Web20rigami-Firefox.ico
NjRat Red Edition/Icons/Petalart-Business-Cloud-upload.ico
NjRat Red Edition/Icons/Ph03nyx-Super-Mario-Mushroom-Super.ico
NjRat Red Edition/Icons/Photoshopedia-Xedia-Firefox.ico
NjRat Red Edition/Icons/Tooschee-Misc-Present.ico
NjRat Red Edition/Icons/Tooschee-Misc-Sync.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Acrobat-Reader.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Chrome.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Dreamviewer.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Facebook.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Firefox.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-ITunes.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Illustrator.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Photoshop.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Quicktime.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Safari.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Skype.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Thunderbird.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Utorrent.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Vlc.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Winamp.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Windows-Media-Player.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Yahoo.ico
NjRat Red Edition/Icons/Wallpaperfx-3d-Softwarefx-Youtube.ico
NjRat Red Edition/NjRat 0.7D Red Edition.exe
.exe windows:4 windows x86 arch:x86

Password: 1

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\JAVIC\Desktop\Curso Evasion\mis Herramientas\NJRAT\RAT-NjRat-0.7d-modded-source-code-master\SRC - NjRAT 0.7D\NjRAT\obj\Debug\NjRat 0.7D.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9.1MB - Virtual size: 9.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NjRat Red Edition/Plugin/cam.dll
.dll windows:4 windows x86 arch:x86

Password: 1

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NjRat Red Edition/Plugin/ch.dll
.dll windows:4 windows x86 arch:x86

Password: 1

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NjRat Red Edition/Plugin/mic.dll
.dll windows:4 windows x86 arch:x86

Password: 1

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NjRat Red Edition/Plugin/plg.dll
.dll windows:4 windows x86 arch:x86

Password: 1

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NjRat Red Edition/Plugin/pw.dll
.dll windows:4 windows x86 arch:x86

Password: 1

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NjRat Red Edition/Plugin/sc2.dll
.dll windows:4 windows x86 arch:x86

Password: 1

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NjRat Red Edition/Stub/Stub.il
NjRat Red Edition/Stub/Stub.manifest
.xml
NjRat Red Edition/WinMM.Net.dll
.dll windows:4 windows x86 arch:x86

Password: 1

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 1

Password: 1

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 9.1MB - Virtual size: 9.1MB

.rsrc Size: 243KB - Virtual size: 243KB

.reloc Size: 512B - Virtual size: 12B

Password: 1

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 97KB - Virtual size: 96KB

.sdata Size: 512B - Virtual size: 177B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 12B

Password: 1

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 43KB - Virtual size: 42KB

.sdata Size: 512B - Virtual size: 177B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 12B

Password: 1

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 74KB - Virtual size: 74KB

.sdata Size: 512B - Virtual size: 177B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 12B

Password: 1

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 62KB - Virtual size: 62KB

.sdata Size: 512B - Virtual size: 177B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 12B

Password: 1

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 270KB - Virtual size: 270KB

.sdata Size: 512B - Virtual size: 177B

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 512B - Virtual size: 12B

Password: 1

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

Imports

mscoree

Sections

.text
Size: 9.1MB - Virtual size: 9.1MB

.rsrc
Size: 243KB - Virtual size: 243KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 97KB - Virtual size: 96KB

.sdata
Size: 512B - Virtual size: 177B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 43KB - Virtual size: 42KB

.sdata
Size: 512B - Virtual size: 177B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 74KB - Virtual size: 74KB

.sdata
Size: 512B - Virtual size: 177B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 62KB - Virtual size: 62KB

.sdata
Size: 512B - Virtual size: 177B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 270KB - Virtual size: 270KB

.sdata
Size: 512B - Virtual size: 177B

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 43KB - Virtual size: 43KB

.sdata
Size: 512B - Virtual size: 177B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 12B