njrat | f44b014fde675419cf4c666a600aa312fccb57be890e12a03b2019d74fe4b1ca | Triage

Submit
Reports

Overview

overview

Static

static

5

f44b014fde...ca.exe

windows7_x64

f44b014fde...ca.exe

windows10_x64

Sharing

General

Target

f44b014fde675419cf4c666a600aa312fccb57be890e12a03b2019d74fe4b1ca
Size

1009KB
Sample

210830-shfhhxeeb6
MD5

48f6e580a94cf841c495afa5c50e96a6
SHA1

e50a3a337524a6a3a638ed33828fda110bbd8d3a
SHA256

f44b014fde675419cf4c666a600aa312fccb57be890e12a03b2019d74fe4b1ca
SHA512

3fbef618e474b76feb407b44a892e59c391b09ca6e6c13d589144fe4edee2892101cbf4234075c66d0d2707614c5f4ca5709f0d99459150f1a3fbd66b19abab0

Score

10^/10

njrat limebot3 trojan

Static task

static1

Behavioral task

behavioral1

Sample

f44b014fde675419cf4c666a600aa312fccb57be890e12a03b2019d74fe4b1ca.exe

Resource

win7v20210408

njrat limebot3 trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

f44b014fde675419cf4c666a600aa312fccb57be890e12a03b2019d74fe4b1ca.exe

Resource

win10v20210408

njrat limebot3 trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Limebot3

C2

microsoftdnsbug.duckdns.org:6699

Mutex

Client.exe

Attributes

reg_key
Client.exe
splitter
luffy

Targets

- Target
  
  f44b014fde675419cf4c666a600aa312fccb57be890e12a03b2019d74fe4b1ca
- Size
  
  1009KB
- MD5
  
  48f6e580a94cf841c495afa5c50e96a6
- SHA1
  
  e50a3a337524a6a3a638ed33828fda110bbd8d3a
- SHA256
  
  f44b014fde675419cf4c666a600aa312fccb57be890e12a03b2019d74fe4b1ca
- SHA512
  
  3fbef618e474b76feb407b44a892e59c391b09ca6e6c13d589144fe4edee2892101cbf4234075c66d0d2707614c5f4ca5709f0d99459150f1a3fbd66b19abab0
Score

10^/10

njrat limebot3 trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
- autoit_exe
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratlimebot3trojan

behavioral2

njratlimebot3trojan

© 2018-2024

Terms | Privacy