njrat | dd53f452a1265736a066c7073a0d83f42b861d1954a0ae02c654896692e4629a | Triage

Submit
Reports

Overview

overview

Static

static

5

dd53f452a1...9a.exe

windows7_x64

dd53f452a1...9a.exe

windows10_x64

Sharing

General

Target

dd53f452a1265736a066c7073a0d83f42b861d1954a0ae02c654896692e4629a
Size

1009KB
Sample

210830-f77gp95zbe
MD5

6d1efd6663da1d5db55ae3a05eeaa0e2
SHA1

98f3e1641290ab80aa0f9981b494ecd837a9bc8f
SHA256

dd53f452a1265736a066c7073a0d83f42b861d1954a0ae02c654896692e4629a
SHA512

2a7b2010dd7c3e4cea5dfa112c477c255f9bb9883a3fba688c35f3399470be94e9b0808c1383e39fe31557cdd909d3758e74bdb8000d01efb5d75c87f474af87

Score

10^/10

njrat limebot3 trojan

Static task

static1

Behavioral task

behavioral1

Sample

dd53f452a1265736a066c7073a0d83f42b861d1954a0ae02c654896692e4629a.exe

Resource

win7v20210408

njrat limebot3 trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

dd53f452a1265736a066c7073a0d83f42b861d1954a0ae02c654896692e4629a.exe

Resource

win10v20210408

njrat limebot3 trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Limebot3

C2

microsoftdnsbug.duckdns.org:6699

Mutex

Client.exe

Attributes

reg_key
Client.exe
splitter
luffy

Targets

- Target
  
  dd53f452a1265736a066c7073a0d83f42b861d1954a0ae02c654896692e4629a
- Size
  
  1009KB
- MD5
  
  6d1efd6663da1d5db55ae3a05eeaa0e2
- SHA1
  
  98f3e1641290ab80aa0f9981b494ecd837a9bc8f
- SHA256
  
  dd53f452a1265736a066c7073a0d83f42b861d1954a0ae02c654896692e4629a
- SHA512
  
  2a7b2010dd7c3e4cea5dfa112c477c255f9bb9883a3fba688c35f3399470be94e9b0808c1383e39fe31557cdd909d3758e74bdb8000d01efb5d75c87f474af87
Score

10^/10

njrat limebot3 trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
- autoit_exe
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratlimebot3trojan

behavioral2

njratlimebot3trojan

© 2018-2024

Terms | Privacy