njrat | efcd93564fc1fcdfac673a30ac1150508e8cb4a3e4f981da05ef61392f684a1c | Triage

Submit
Reports

Overview

overview

Static

static

5

efcd93564f...1c.exe

windows7_x64

efcd93564f...1c.exe

windows10_x64

Sharing

General

Target

efcd93564fc1fcdfac673a30ac1150508e8cb4a3e4f981da05ef61392f684a1c
Size

1009KB
Sample

210830-yx4d3fesy2
MD5

62da1e802d6b8d99039a393e81519f55
SHA1

351a5ea21323e3fd4e2376cb27b2254fe321549a
SHA256

efcd93564fc1fcdfac673a30ac1150508e8cb4a3e4f981da05ef61392f684a1c
SHA512

77d65c9125174fface2716df25a53e50f65b9e56d350a069eeb3243e76484eec221cc46defb37476d3e087a4e52aa2a59a42b1ebe3a60c9be82326c875f4472a

Score

10^/10

njrat limebot3 trojan

Static task

static1

Behavioral task

behavioral1

Sample

efcd93564fc1fcdfac673a30ac1150508e8cb4a3e4f981da05ef61392f684a1c.exe

Resource

win7v20210408

njrat limebot3 trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

efcd93564fc1fcdfac673a30ac1150508e8cb4a3e4f981da05ef61392f684a1c.exe

Resource

win10v20210408

njrat limebot3 trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Limebot3

C2

microsoftdnsbug.duckdns.org:6699

Mutex

Client.exe

Attributes

reg_key
Client.exe
splitter
luffy

Targets

- Target
  
  efcd93564fc1fcdfac673a30ac1150508e8cb4a3e4f981da05ef61392f684a1c
- Size
  
  1009KB
- MD5
  
  62da1e802d6b8d99039a393e81519f55
- SHA1
  
  351a5ea21323e3fd4e2376cb27b2254fe321549a
- SHA256
  
  efcd93564fc1fcdfac673a30ac1150508e8cb4a3e4f981da05ef61392f684a1c
- SHA512
  
  77d65c9125174fface2716df25a53e50f65b9e56d350a069eeb3243e76484eec221cc46defb37476d3e087a4e52aa2a59a42b1ebe3a60c9be82326c875f4472a
Score

10^/10

njrat limebot3 trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
- autoit_exe
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratlimebot3trojan

behavioral2

njratlimebot3trojan

© 2018-2024

Terms | Privacy