njrat | 896063f7d965ebf60d36b28c47135e010e212bc9955e7dfdfba4f085744ba47a | Triage

Submit
Reports

Overview

overview

Static

static

Client.exe

windows10_x64

Sharing

General

Target

Client.exe
Size

157KB
Sample

210904-rhlrqahddq
MD5

56bc3f630c9f0b284185cf952c2dc736
SHA1

eb6c702c2a2c48221a0eed0baacfe931c34e1757
SHA256

896063f7d965ebf60d36b28c47135e010e212bc9955e7dfdfba4f085744ba47a
SHA512

b37dc8750f01a3e55e392d7d5591147b010c6b0971874aad074ee0144da4fcda5ff58590a432c9777fd9fb5f78a2ca279fcbf5806598603e9ab0e0a5db601caf

Score

10^/10

njrat evasion spyware stealer suricata trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

Client.exe

Resource

win10v20210408

njrat evasion spyware stealer suricata trojan upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Client.exe
- Size
  
  157KB
- MD5
  
  56bc3f630c9f0b284185cf952c2dc736
- SHA1
  
  eb6c702c2a2c48221a0eed0baacfe931c34e1757
- SHA256
  
  896063f7d965ebf60d36b28c47135e010e212bc9955e7dfdfba4f085744ba47a
- SHA512
  
  b37dc8750f01a3e55e392d7d5591147b010c6b0971874aad074ee0144da4fcda5ff58590a432c9777fd9fb5f78a2ca279fcbf5806598603e9ab0e0a5db601caf
Score

10^/10

njrat evasion spyware stealer suricata trojan upx
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
  suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
  suricata
- Modifies Windows Firewall
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratevasionspywarestealersuricatatrojanupx

© 2018-2024

Terms | Privacy