× الكوكيز معطل! هذا الموقع يتطلب تمكين الكوكيز للعمل بشكل صحيح
SHA256: 63d16281137e310430d952a2894b5fea000e59aa4099e0bbd9b5b6cbab9f79c0
إسم الملف: nj-w0rm 0.4.1f.exe
نسبة الفحص: 51 / 61
تاريخ الفحص 2017-05-07 11:39:35 UTC ( 2 سنتان مضت ) مشاهدة الأخير
مكافح الفيروسات النتيجة التحديث
Ad-Aware Gen:Variant.Kazy.265876 20170507
AegisLab Constructor.Msil.Ratcon!c 20170507
AhnLab-V3 Trojan/Win32.Agent.C674776 20170507
ALYac Gen:Variant.Kazy.265876 20170507
Antiy-AVL Trojan[Backdoor]/Win32.DarkKomet 20170507
Arcabit Trojan.Kazy.D40E94 20170507
Avast MSIL:Agent-DAG [Trj] 20170507
AVG PSW.MSIL.AZB 20170507
Avira (no cloud) TR/Rogue.8522602.2 20170507
AVware Trojan.Win32.Generic!BT 20170507
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9972 20170503
BitDefender Gen:Variant.Kazy.265876 20170507
CAT-QuickHeal HackTool.Jaktinier.A3 20170506
ClamAV Win.Trojan.Generic-6305877-0 20170507
Comodo UnclassifiedMalware 20170507
Cyren W32/S-898a7bc8!Eldorado 20170507
DrWeb BackDoor.Bladabindi.1393 20170507
Emsisoft Gen:Variant.Kazy.265876 (B) 20170507
ESET-NOD32 MSIL/Spy.Agent.CP 20170507
F-Prot W32/S-898a7bc8!Eldorado 20170507
F-Secure Gen:Variant.Kazy.265876 20170507
Fortinet MSIL/Generic.AP.1881232!tr 20170507
GData Gen:Variant.Kazy.265876 20170507
Ikarus Constructor.Win32.Agent 20170507
Sophos ML backdoor.msil.bladabindi.g 20170413
Jiangmin Constructor.MSIL.bp 20170507
K7AntiVirus Riskware ( 0040eff71 ) 20170506
K7GW Riskware ( 0040eff71 ) 20170507
Kaspersky Constructor.MSIL.RatCon.a 20170507
Kingsoft Win32.Troj.Generic.v.(kcloud) 20170507
Malwarebytes HackTool.Agent 20170507
McAfee GenericTRA-BY!D6007C6BF745 20170507
McAfee-GW-Edition GenericTRA-BY!D6007C6BF745 20170507
Microsoft Backdoor:MSIL/Bladabindi 20170507
eScan Gen:Variant.Kazy.265876 20170507
NANO-Antivirus Trojan.Win32.RiskGen.ctumsf 20170507
Panda Trj/CI.A 20170507
Rising Trojan.Generic (cloud:B6sSr9PH52S) 20170506
SUPERAntiSpyware Trojan.Agent/Gen-Spy 20170507
Symantec Hacktool 20170506
Tencent Msil.Trojan.Ratcon.Wopc 20170507
TheHacker Trojan/Spy.Agent.cp 20170505
TrendMicro HKTL_RATNJ 20170507
TrendMicro-HouseCall HKTL_RATNJ 20170507
VBA32 Constructor.MSIL.RatCon 20170506
VIPRE Trojan.Win32.Generic!BT 20170507
ViRobot Trojan.Win32.S.Agent.891392.I[h] 20170506
Webroot W32.Malware.Gen 20170507
Yandex Trojan.Rogue!28MGkoXaHHo 20170504
Zillya Tool.RatCon.Win32.2 20170505
ZoneAlarm by Check Point Constructor.MSIL.RatCon.a 20170507
Alibaba 20170505
Bkav 20170506
CMC 20170506
CrowdStrike Falcon (ML) 20170130
Endgame 20170503
nProtect 20170507
Palo Alto Networks (Known Signatures) 20170507
Qihoo-360 20170507
SentinelOne (Static ML) 20170330
Sophos AV 20170507
Symantec Mobile Insight 20170504
Trustlook 20170507
WhiteArmor 20170502
Zoner 20170507
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright © njq8 2012

Product njRAT
Original name njRAT.exe
Internal name njRAT.exe
File version 0.5.0.0
Description njRAT
Comments http://xnjq8x.com
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-11-10 10:30:15
Entry Point 0x000D999E
Number of sections 3
.NET details
Module Version ID 7c7c5b0d-08bb-4716-b199-fd424a4b75a2
TypeLib ID 45037699-51f9-4e37-b9b4-00d81aee540e
PE sections
PE imports
_CorExeMain
Number of PE resources by type
RT_ICON 2
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 5
PE resources
ExifTool file metadata
SubsystemVersion
4.0

Comments
http://xnjq8x.com

InitializedDataSize
7680

ImageVersion
0.0

ProductName
njRAT

FileVersionNumber
0.5.0.0

UninitializedDataSize
0

LanguageCode
Neutral

FileFlagsMask
0x003f

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

LinkerVersion
8.0

FileTypeExtension
exe

OriginalFileName
njRAT.exe

MIMEType
application/octet-stream

Subsystem
Windows GUI

FileVersion
0.5.0.0

TimeStamp
2012:11:10 11:30:15+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
njRAT.exe

ProductVersion
0.5.0.0

FileDescription
njRAT

OSVersion
4.0

FileOS
Win32

LegalCopyright
Copyright njq8 2012

MachineType
Intel 386 or later, and compatibles

CompanyName
njq8

CodeSize
883200

FileSubtype
0

ProductVersionNumber
0.5.0.0

EntryPoint
0xd999e

ObjectFileType
Executable application

AssemblyVersion
0.5.0.0

Execution parents
PE resource-wise parents
Compressed bundles
File identification
MD5 d6007c6bf745ce5e079e59d26258a2d1
SHA1 a05fc82e4a57483899d89d3126422a540c514f2b
SHA256 63d16281137e310430d952a2894b5fea000e59aa4099e0bbd9b5b6cbab9f79c0
ssdeep
12288:8xzBnAoAiRC6UmbnUCAL3cAK8IWQlkgJDCRvt:8XFRbUwnUCDAK8P

authentihash 228d33e37e238036b5cc757ccde272d554fd49ae436ea52ce1640b377c95711d
imphash f34d5f2d4577ed6d9ceec516c1f5a744
File size 870.5 ك.ب ( 891392 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit Mono/.Net assembly

TrID Generic CIL Executable (.NET, Mono, etc.) (55.8%)
Win64 Executable (generic) (21.0%)
Windows screen saver (9.9%)
Win32 Dynamic Link Library (generic) (5.0%)
Win32 Executable (generic) (3.4%)
Tags
peexe assembly

VirusTotal metadata
First submission 2012-11-11 04:54:52 UTC ( 6 سنوات، 6 أشهر مضت )
Last submission 2018-12-31 05:51:49 UTC ( 4 أشهر، 2 أسبوعان مضت )
أسماء الملفات njT.exe
2013Wall.exe
server.exe
njRAT v0.5.0.exe
37089715.test.exe
njRAT.txt.exe
njRAT.exe
file-4755282_exe
njRAT.exe
d6007c6bf745ce5e079e59d26258a2d1.exe
njRAT.exe
80~
njRATconfig.exe
njRAT (1).exe
njRAT (2).exe
af39e54ec204e97ddcd50fac8d238d3f_njRAT.exe.safe
123456789.exe
njrat.exe
njRAT.exe
njRAT.txt
d6007c6bf745ce5e079e59d26258a2d1
njRAT v0.5.exe
njRAT(1).exe.7777
481njRAT.exe
nj-w0rm 0.4.1f.exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
لا توجد تعليقات. لا يوجد أحد من أعضاء مجتمع فايروس توتال قام بالتعليق على هذا الملف حتى الآن، كٌن اول شخص يفعل ذلك!

أترك تعليقك...

?
إضافة تعليق

لم تقم بتسجيل الدخول.فقط الأعضاء المسجلون لدينا يملكون صلاحية الرد, قم بتسجيل الدخول وشارك بصوتك !

لا توجد تصويتات. لا احد صوت على هذا الملف من قبل، كٌن اول شخص يفعل ذلك!