njrat | 247b57d55cdaa287404a2db0faf75a023bc0ed937b9fd9319e14c415cdfe57c6 | Triage

Submit
Reports

Overview

overview

Static

static

5

247b57d55c...c6.exe

windows7_x64

247b57d55c...c6.exe

windows10_x64

Sharing

General

Target

247b57d55cdaa287404a2db0faf75a023bc0ed937b9fd9319e14c415cdfe57c6
Size

1009KB
Sample

210830-adyrxl15la
MD5

115f1b9c9c4726d64145e09e3d25b51b
SHA1

b89ee732275ff23c16207f17e3360bdcc0019c63
SHA256

247b57d55cdaa287404a2db0faf75a023bc0ed937b9fd9319e14c415cdfe57c6
SHA512

10106840a0f92e055ad06b0f216deffcc6cbac85c48954b01f717b0b3ed11420f1fa03158771ada38fae481b04bff33f69f69cafedd38a52db93ee9cb2b6c8ff

Score

10^/10

njrat limebot3 trojan

Static task

static1

Behavioral task

behavioral1

Sample

247b57d55cdaa287404a2db0faf75a023bc0ed937b9fd9319e14c415cdfe57c6.exe

Resource

win7v20210408

njrat limebot3 trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

247b57d55cdaa287404a2db0faf75a023bc0ed937b9fd9319e14c415cdfe57c6.exe

Resource

win10v20210408

njrat limebot3 trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Limebot3

C2

microsoftdnsbug.duckdns.org:6699

Mutex

Client.exe

Attributes

reg_key
Client.exe
splitter
luffy

Targets

- Target
  
  247b57d55cdaa287404a2db0faf75a023bc0ed937b9fd9319e14c415cdfe57c6
- Size
  
  1009KB
- MD5
  
  115f1b9c9c4726d64145e09e3d25b51b
- SHA1
  
  b89ee732275ff23c16207f17e3360bdcc0019c63
- SHA256
  
  247b57d55cdaa287404a2db0faf75a023bc0ed937b9fd9319e14c415cdfe57c6
- SHA512
  
  10106840a0f92e055ad06b0f216deffcc6cbac85c48954b01f717b0b3ed11420f1fa03158771ada38fae481b04bff33f69f69cafedd38a52db93ee9cb2b6c8ff
Score

10^/10

njrat limebot3 trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
- autoit_exe
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratlimebot3trojan

behavioral2

njratlimebot3trojan

© 2018-2024

Terms | Privacy