Overview

overview

10

Static

static

6CF07AB2FF...66.exe

windows7_x64

10

6CF07AB2FF...66.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6CF07AB2FF64200E8CD38602D14BC566.exe

  • Size

    1.2MB

  • Sample

    210904-jcd6pahbdq

  • MD5

    6cf07ab2ff64200e8cd38602d14bc566

  • SHA1

    74edddc5fa816ecd47bb0a90b4ed605e1b8e8e6b

  • SHA256

    7a5ea108c883639b28770a677217474e15e8e26a141b13cefd59100f72c3a598

  • SHA512

    a47d91fb8c9f3edeb18897989f93ff8e5a2f90a4fa19f512983512238597988e5b490ebd1595dcd0aaf294c222a51d3c10da5ea013bccb0948e538ee00b8bbe1

Score
10/10
njrathacked evasionsuricatatrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

4.tcp.ngrok.io:14914

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |'|'|

Targets

    • Target

      6CF07AB2FF64200E8CD38602D14BC566.exe

    • Size

      1.2MB

    • MD5

      6cf07ab2ff64200e8cd38602d14bc566

    • SHA1

      74edddc5fa816ecd47bb0a90b4ed605e1b8e8e6b

    • SHA256

      7a5ea108c883639b28770a677217474e15e8e26a141b13cefd59100f72c3a598

    • SHA512

      a47d91fb8c9f3edeb18897989f93ff8e5a2f90a4fa19f512983512238597988e5b490ebd1595dcd0aaf294c222a51d3c10da5ea013bccb0948e538ee00b8bbe1

    Score
    10/10
    njrathacked evasionsuricatatrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

      suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

      suricata

    • Executes dropped EXE

    • Modifies Windows Firewall

      evasion

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks