njrat | 063b9544262ae25393961c4f57a4e4c5a73032644d2a22ff423b8a53bc6c6a7d | Triage

Submit
Reports

Overview

overview

Static

static

5

063b954426...7d.exe

windows7_x64

063b954426...7d.exe

windows10_x64

Sharing

General

Target

063b9544262ae25393961c4f57a4e4c5a73032644d2a22ff423b8a53bc6c6a7d
Size

1009KB
Sample

210830-4snfxcbjbx
MD5

3b7e67075780219f65693e397fa721b8
SHA1

6cff74dcac65d345f10565268c95003854062f4a
SHA256

063b9544262ae25393961c4f57a4e4c5a73032644d2a22ff423b8a53bc6c6a7d
SHA512

cc5de66f5bab3054068de6e34ca2dff86ee9312036dd3b0d5f370f9821dfefc1c24d15e233000abfbf5da296726b43e14c4845a62428176636aab8bbf1d3f770

Score

10^/10

njrat limebot3 trojan

Static task

static1

Behavioral task

behavioral1

Sample

063b9544262ae25393961c4f57a4e4c5a73032644d2a22ff423b8a53bc6c6a7d.exe

Resource

win7v20210408

njrat limebot3 trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

063b9544262ae25393961c4f57a4e4c5a73032644d2a22ff423b8a53bc6c6a7d.exe

Resource

win10v20210408

njrat limebot3 trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Limebot3

C2

microsoftdnsbug.duckdns.org:6699

Mutex

Client.exe

Attributes

reg_key
Client.exe
splitter
luffy

Targets

- Target
  
  063b9544262ae25393961c4f57a4e4c5a73032644d2a22ff423b8a53bc6c6a7d
- Size
  
  1009KB
- MD5
  
  3b7e67075780219f65693e397fa721b8
- SHA1
  
  6cff74dcac65d345f10565268c95003854062f4a
- SHA256
  
  063b9544262ae25393961c4f57a4e4c5a73032644d2a22ff423b8a53bc6c6a7d
- SHA512
  
  cc5de66f5bab3054068de6e34ca2dff86ee9312036dd3b0d5f370f9821dfefc1c24d15e233000abfbf5da296726b43e14c4845a62428176636aab8bbf1d3f770
Score

10^/10

njrat limebot3 trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
- autoit_exe
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratlimebot3trojan

behavioral2

njratlimebot3trojan

© 2018-2024

Terms | Privacy