njrat | eaa939ad48a392c7dec3cadc1119660cb61c9e1c4c0392607117e051c66b5e98 | Triage

Submit
Reports

Overview

overview

Static

static

5

eaa939ad48...98.exe

windows7_x64

eaa939ad48...98.exe

windows10_x64

Sharing

General

Target

eaa939ad48a392c7dec3cadc1119660cb61c9e1c4c0392607117e051c66b5e98
Size

1009KB
Sample

210830-dd7hyk2waj
MD5

e3cfbdd8917aa3440ee8016a66d4a1df
SHA1

bfcbe8ced52babc5f1e8ed18d31a852db1a49ba9
SHA256

eaa939ad48a392c7dec3cadc1119660cb61c9e1c4c0392607117e051c66b5e98
SHA512

4a49c879fb544afa512190766ee9eef01a69bddb5289d7e41e562f14d88a629d8f7b63eae0b424b5f54db8e2bc621c0e42ff3ed22d6fe25e16296de53815f17d

Score

10^/10

njrat limebot3 trojan

Static task

static1

Behavioral task

behavioral1

Sample

eaa939ad48a392c7dec3cadc1119660cb61c9e1c4c0392607117e051c66b5e98.exe

Resource

win7v20210408

njrat limebot3 trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

eaa939ad48a392c7dec3cadc1119660cb61c9e1c4c0392607117e051c66b5e98.exe

Resource

win10v20210408

njrat limebot3 trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Limebot3

C2

microsoftdnsbug.duckdns.org:6699

Mutex

Client.exe

Attributes

reg_key
Client.exe
splitter
luffy

Targets

- Target
  
  eaa939ad48a392c7dec3cadc1119660cb61c9e1c4c0392607117e051c66b5e98
- Size
  
  1009KB
- MD5
  
  e3cfbdd8917aa3440ee8016a66d4a1df
- SHA1
  
  bfcbe8ced52babc5f1e8ed18d31a852db1a49ba9
- SHA256
  
  eaa939ad48a392c7dec3cadc1119660cb61c9e1c4c0392607117e051c66b5e98
- SHA512
  
  4a49c879fb544afa512190766ee9eef01a69bddb5289d7e41e562f14d88a629d8f7b63eae0b424b5f54db8e2bc621c0e42ff3ed22d6fe25e16296de53815f17d
Score

10^/10

njrat limebot3 trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
- autoit_exe
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratlimebot3trojan

behavioral2

njratlimebot3trojan

© 2018-2024

Terms | Privacy