» njRAT.exe
Overview
Analysis
File Details

njRAT.exe

njRAT

njq8

The executable njRAT.exe has been detected as malware by 27 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial of service attacks, or used to install additional trojans or other forms of malicious software as well as can steal your sensitive information.

File name:

njRAT.exe

Publisher:

njq8

Product:

njRAT

Version:

0.4.1.0

MD5:

314a5d5739d4e0083ca767fc652e7d7c

SHA-1:

741a9428f7679cdb5d3a9843f329531fe28e4718

SHA-256:

7ef3ff2e41fe22fc56205b9a0024129f725cce4cef428979fcec130cb2311499

Scanner detections:

27 / 68

Status:

Malware

Analysis date:

4/18/2024 12:53:57 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.250015

1130

Avira AntiVirus

TR/Rogue.8855766

7.11.124.108

avast!

Win32:Malware-gen

2014.9-140101

AVG

PSW.MSIL

2015.0.3608

Baidu Antivirus

Trojan.MSIL.Spy

4.0.3.1411

Bitdefender

Gen:Variant.Kazy.250015

1.0.20.5

Bkav FE

W32.Clod07c.Trojan

1.3.0.4613

Comodo Security

UnclassifiedMalware

17579

Emsisoft Anti-Malware

Trojan-Spy.MSIL.Agent

8.14.01.01.09

ESET NOD32

MSIL/Bladabindi.AN (variant)

8.9269

F-Secure

Gen:Variant.Kazy.250015

11.2014-01-01_4

G Data

Gen:Variant.Kazy.250015

14.1.22

IKARUS anti.virus

Win32.SuspectCrc

t3scan.2.2.29

K7 AntiVirus

Riskware

13.175.10781

Malwarebytes

HackTool.Agent

v2014.01.01.09

McAfee

Artemis!314A5D5739D4

5600.7264

Microsoft Security Essentials

Backdoor:MSIL/Bladabindi.AH

1.165.247.01

MicroWorld eScan

Gen:Variant.Kazy.250015

15.0.0.3

Norman

Suspicious_Gen5.PFFN

11.20140101

Panda Antivirus

Generic Malware

14.01.01.09

Rising Antivirus

PE:Backdoor.Bot!1.6675

23.00.65.131230

Sophos

Mal/Generic-S

4.96

SUPERAntiSpyware

Trojan.Agent/Gen-Falcomp[i]

10872

Trend Micro House Call

TROJ_GEN.R0CBC0DIU13

7.2.1

Trend Micro

TROJ_GEN.R0CBC0DIU13

10.465.01

VIPRE Antivirus

Trojan.Win32.Generic.pak!cobra

25250

ViRobot

Trojan.Win32.A.Burda.1539584

2011.4.7.4223

File size:

1.5 MB (1,539,584 bytes)

Product version:

0.4.1.0

Original file name:

njRAT.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\njrat.exe

File PE Metadata

Compilation timestamp:

9/30/2012 11:57:58 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:zCbzBnAoAiRC6imbnauA7+NiNjJziV34PoZTDQ1pKqEClpdnEYy7JhjFhXEFvUpy:zCRFRbiwnau9ra

Entry address:

0x177C1E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

1.5 MB (1,531,392 bytes)

Remove njRAT.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.