Malicious
Malicious

6c6e8b10820ba453b633894e75d47e3a

Share on LinkedIn Add to favorites
Re-Scan
Delete
PE Executable
MD5: 6c6e8b10820ba453b633894e75d47e3a
Size: 345.6 KB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
6c6e8b10820ba453b633894e75d47e3a
Sha1
805aed4505734d9984dfdb02251d9c4b6df03e68
Sha256
cda2a5b57e9b78fa4e70cec57ab58efd03a85f9695f114eab548cf142492bb0b
Sha384
19e23ac914335cca6b355f0e18748c90845af53f3b43ee3a2405c048ef54d42cdb6da1b54cbc1f89a615a045d8666794
Sha512
6965fe7c8f01f326451e2d61e695e5325c47fa11b37daef0053502f7fde291d5a0ec4d69f7386633f05273b9d276b3d6902a8ba271bbc953eb176dbaa5715786
SSDeep
3072:e8iCOUCCQG0//VzjaFipNv30STc/XyYUCeG6u0vzHdyQuULklZewnfgR/BhNKEzH:B+xaFip7mkvzHdyQzf/F7zVP8eYVex
TLSH
8C742D17B1A69D25C3885B3BD0D7E40153F4A14DA6D3FB0F38892799280B37EEA87563

PeID

.NET executable
Microsoft Visual C# / Basic .NET
Microsoft Visual C# / Basic.NET / MS Visual Basic 2005 - ASL
Microsoft Visual C# v7.0 / Basic .NET
Microsoft Visual Studio .NET
File Structure
6c6e8b10820ba453b633894e75d47e3a
Malicious
Structure
DosHeader
PE Header
Optional Header (x86)
Section Headers
.text
.rsrc
.reloc
Resources
RT_MANIFEST
ID:0001
ID:0
Malware Configuration - njRAT config.
Config. Field
 Value
packet_size [b]

5121
Informations
Name
 Value
Module Name

j.exe
Full Name

j.exe
EntryPoint

System.Void j.A::main()
Scope Name

j.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

j
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

74
Main Method

System.Void j.A::main()
Main IL Instruction Count

3
Main IL

ldsfld lKG6aGB5hvXdW3q7Xdp lKG6aGB5hvXdW3q7Xdp::VxoBp3EfFx call System.Void lKG6aGB5hvXdW3q7Xdp::ueVJBElug(lKG6aGB5hvXdW3q7Xdp) ret <null>
Module Name

j.exe
Full Name

j.exe
EntryPoint

System.Void j.A::main()
Scope Name

j.exe
Scope Type

ModuleDef
Kind

Windows
Runtime Version

v4.0.30319
Tables Header Version

512
WinMD Version

<null>
Assembly Name

j
Assembly Version

0.0.0.0
Assembly Culture

<null>
Has PublicKey

False
PublicKey Token

<null>
Target Framework

<null>
Total Strings

74
Main Method

System.Void j.A::main()
Main IL Instruction Count

3
Main IL

ldsfld lKG6aGB5hvXdW3q7Xdp lKG6aGB5hvXdW3q7Xdp::VxoBp3EfFx call System.Void lKG6aGB5hvXdW3q7Xdp::ueVJBElug(lKG6aGB5hvXdW3q7Xdp) ret <null>
Artefacts
Name
 Value
Embedded Resources

6
Suspicious Type Names (1-2 chars)

3
6c6e8b10820ba453b633894e75d47e3a (345.6 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙