njrat | f19f9a9e40712335d74308b2e69f078dd6203dd1d6c519483c814c1cbe3d70ce | Triage

Submit
Reports

Overview

overview

Static

static

5

f19f9a9e40...ce.exe

windows7_x64

f19f9a9e40...ce.exe

windows10_x64

Sharing

General

Target

f19f9a9e40712335d74308b2e69f078dd6203dd1d6c519483c814c1cbe3d70ce
Size

1009KB
Sample

210830-e26vj5gdcj
MD5

4c729d9edd95ee780d14e30ec059f4a8
SHA1

ed9b583cf594ad05ab4051200b903d716158ce28
SHA256

f19f9a9e40712335d74308b2e69f078dd6203dd1d6c519483c814c1cbe3d70ce
SHA512

9fbb33e7b96fa8814f4a3f5c6a945ae36e3368730190cb2e54d2e6ad351af5a8d821032e1a3673b480aacb5a2f333e91e694228f8d2ca30cdfd75642e729c372

Score

10^/10

njrat limebot3 trojan

Static task

static1

Behavioral task

behavioral1

Sample

f19f9a9e40712335d74308b2e69f078dd6203dd1d6c519483c814c1cbe3d70ce.exe

Resource

win7v20210408

njrat limebot3 trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

f19f9a9e40712335d74308b2e69f078dd6203dd1d6c519483c814c1cbe3d70ce.exe

Resource

win10v20210408

njrat limebot3 trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Limebot3

C2

microsoftdnsbug.duckdns.org:6699

Mutex

Client.exe

Attributes

reg_key
Client.exe
splitter
luffy

Targets

- Target
  
  f19f9a9e40712335d74308b2e69f078dd6203dd1d6c519483c814c1cbe3d70ce
- Size
  
  1009KB
- MD5
  
  4c729d9edd95ee780d14e30ec059f4a8
- SHA1
  
  ed9b583cf594ad05ab4051200b903d716158ce28
- SHA256
  
  f19f9a9e40712335d74308b2e69f078dd6203dd1d6c519483c814c1cbe3d70ce
- SHA512
  
  9fbb33e7b96fa8814f4a3f5c6a945ae36e3368730190cb2e54d2e6ad351af5a8d821032e1a3673b480aacb5a2f333e91e694228f8d2ca30cdfd75642e729c372
Score

10^/10

njrat limebot3 trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
- autoit_exe
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratlimebot3trojan

behavioral2

njratlimebot3trojan

© 2018-2024

Terms | Privacy