njrat | b1004609dd4604c78068f0f2ab7f2448b36259fedcb92043fd03cfaf46d3be5f | Triage

Submit
Reports

Overview

overview

Static

static

5

b1004609dd...5f.exe

windows7_x64

b1004609dd...5f.exe

windows10_x64

Sharing

General

Target

b1004609dd4604c78068f0f2ab7f2448b36259fedcb92043fd03cfaf46d3be5f
Size

1009KB
Sample

210830-vh3kpexztj
MD5

36963af4e87778f45b39091bc6592eef
SHA1

459d5abc7cc856e4cfc5cde82d97c7b5c5cb0011
SHA256

b1004609dd4604c78068f0f2ab7f2448b36259fedcb92043fd03cfaf46d3be5f
SHA512

85f18e57f7655030c752072bd3605d41d6b391d109d7a9626cbb922aee3b71852fa295c7b010595e0353bc11c58b6463132def3e460572bb40ccb87665121a15

Score

10^/10

njrat limebot3 trojan

Static task

static1

Behavioral task

behavioral1

Sample

b1004609dd4604c78068f0f2ab7f2448b36259fedcb92043fd03cfaf46d3be5f.exe

Resource

win7v20210408

njrat limebot3 trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b1004609dd4604c78068f0f2ab7f2448b36259fedcb92043fd03cfaf46d3be5f.exe

Resource

win10v20210408

njrat limebot3 trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Limebot3

C2

microsoftdnsbug.duckdns.org:6699

Mutex

Client.exe

Attributes

reg_key
Client.exe
splitter
luffy

Targets

- Target
  
  b1004609dd4604c78068f0f2ab7f2448b36259fedcb92043fd03cfaf46d3be5f
- Size
  
  1009KB
- MD5
  
  36963af4e87778f45b39091bc6592eef
- SHA1
  
  459d5abc7cc856e4cfc5cde82d97c7b5c5cb0011
- SHA256
  
  b1004609dd4604c78068f0f2ab7f2448b36259fedcb92043fd03cfaf46d3be5f
- SHA512
  
  85f18e57f7655030c752072bd3605d41d6b391d109d7a9626cbb922aee3b71852fa295c7b010595e0353bc11c58b6463132def3e460572bb40ccb87665121a15
Score

10^/10

njrat limebot3 trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
- autoit_exe
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratlimebot3trojan

behavioral2

njratlimebot3trojan

© 2018-2024

Terms | Privacy