General
-
Target
https://cdn.discordapp.com/attachments/728960597013823539/813424056648728656/security.exe
-
Sample
210223-m1evajv65j
Score
10/10
Malware Config
Extracted
Family
njrat
Version
0.7d
Botnet
loader
C2
95.154.199.64:8745
Mutex
f1b0f742c95226e5b3a9714caf040bd0
Attributes
-
reg_key
f1b0f742c95226e5b3a9714caf040bd0
-
splitter
Y262SUCZ4UJJ
Targets
-
-
Target
https://cdn.discordapp.com/attachments/728960597013823539/813424056648728656/security.exe
Score10/10-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Drops startup file
-
Adds Run key to start application
-