njrat | dfd682d846b7bafdf130893d385c8d5a4fcc64d1c1b81e114e46e8deb08ae664 | Triage

Submit
Reports

Overview

overview

Static

static

5

dfd682d846...64.exe

windows7_x64

dfd682d846...64.exe

windows10_x64

Sharing

General

Target

dfd682d846b7bafdf130893d385c8d5a4fcc64d1c1b81e114e46e8deb08ae664
Size

1009KB
Sample

210830-y1gxjjwa7x
MD5

ea90ca0befdcfe335987659cf032f1d0
SHA1

f6e334b13c3bf75a37a5af17a4d3ea193a77e6fa
SHA256

dfd682d846b7bafdf130893d385c8d5a4fcc64d1c1b81e114e46e8deb08ae664
SHA512

5f45a82c52bbc384c53d40fcf50b1193ca1500c382c37a0b0a0c08b3e7c62b63c8b98e6327592e524b01b953ea4c63949f882988d7a6386ab08ad231c9cb2098

Score

10^/10

njrat limebot3 trojan

Static task

static1

Behavioral task

behavioral1

Sample

dfd682d846b7bafdf130893d385c8d5a4fcc64d1c1b81e114e46e8deb08ae664.exe

Resource

win7v20210408

njrat limebot3 trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

dfd682d846b7bafdf130893d385c8d5a4fcc64d1c1b81e114e46e8deb08ae664.exe

Resource

win10v20210408

njrat limebot3 trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Limebot3

C2

microsoftdnsbug.duckdns.org:6699

Mutex

Client.exe

Attributes

reg_key
Client.exe
splitter
luffy

Targets

- Target
  
  dfd682d846b7bafdf130893d385c8d5a4fcc64d1c1b81e114e46e8deb08ae664
- Size
  
  1009KB
- MD5
  
  ea90ca0befdcfe335987659cf032f1d0
- SHA1
  
  f6e334b13c3bf75a37a5af17a4d3ea193a77e6fa
- SHA256
  
  dfd682d846b7bafdf130893d385c8d5a4fcc64d1c1b81e114e46e8deb08ae664
- SHA512
  
  5f45a82c52bbc384c53d40fcf50b1193ca1500c382c37a0b0a0c08b3e7c62b63c8b98e6327592e524b01b953ea4c63949f882988d7a6386ab08ad231c9cb2098
Score

10^/10

njrat limebot3 trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
- autoit_exe
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratlimebot3trojan

behavioral2

njratlimebot3trojan

© 2018-2024

Terms | Privacy