Online Virus Checker | v.1.0.169.174 |
DB Version: | 2024-03-16 13:00:19 |
NjRat, also known as Bladabindi, is a type of remote access Trojan (RAT) that allows cybercriminals to gain unauthorized access and control over infected computers. It was made by a hacking organization from different countries called M38dHhM and was often used against targets in the Middle East.
File | New Client.exe |
Checked | 2024-03-16 11:23:15 |
MD5 | c65ca4f6d2c653e18e0d795ba0cb0c89 |
SHA1 | 543c228d35fb48b5b147aa47cab2b76ef9e6c19b |
SHA256 | d094b3e64b1ac779565c1819f7f1b4041b5fa901e74f0cad9d3d376c506635d9 |
SHA512 | b3e5b167372f41210c15f9907f4cbfdbb62cdec5b3334449b2e7d178b57a10f21cb189461080f1298d6bc9f7468acfab84dde6402184a8d5600458c2ac1a16e3 |
Imphash | f34d5f2d4577ed6d9ceec516c1f5a744 |
File Size | 67072 bytes |
Gridinsoft has the capability to identify and eliminate Trojan.Win32.NjRat.tr without requiring further user intervention.
Image Base: | 0x00400000 |
Entry Point: | 0x00411c1e |
Compilation: | 2024-02-07 18:02:00 |
Checksum: | 0x00000000 (Actual: 0x000110e7) |
OS Version: | 4.0 |
PEiD: | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 3 |
Imports: | mscoree, |
Exports: | 0 |
Resources: | 1 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.text | 0x00002000 | 0x0000fc24 | 0x0000fe00 | da432cb91b3d7187c63249045430f467 | 5.85 |
.rsrc | 0x00012000 | 0x00000240 | 0x00000400 | 08e614b8f1d20a50b5b3684e856ff5f3 | 4.97 |
.reloc | 0x00014000 | 0x0000000c | 0x00000200 | 28e795e54d21ed88ff3641298051658d | 0.10 |