njrat | 63619660ee0cb7ce28fceb3c7cb597fa73c1c609f1c77fd75a4c907cfa34ac09 | Triage

Sharing

General

Target

file.exe
Size

27KB
Sample

210905-txpg9scghq
MD5

7013f4f226a8bae3d0ad18346a5cb41a
SHA1

837031fcef921fa65910357c4122f4e0bccc0f8e
SHA256

63619660ee0cb7ce28fceb3c7cb597fa73c1c609f1c77fd75a4c907cfa34ac09
SHA512

8d39e7678afb794e669facca354b9f2b00de8f8c99f5966120c9cc3b357f3b636313f6d72d18a80105a477666d7fda6dd3d38cce815d2583ac6115badb21822c

Score

10^/10

njrat hacked

Malware Config

Extracted

Family

njrat

Version

v4.0

Botnet

HacKed

C2

gerousd8.duckdns.org:7827

Mutex

Windows

Attributes

reg_key
Windows
splitter
|-F-|

Targets

- Target
  
  file.exe
- Size
  
  27KB
- MD5
  
  7013f4f226a8bae3d0ad18346a5cb41a
- SHA1
  
  837031fcef921fa65910357c4122f4e0bccc0f8e
- SHA256
  
  63619660ee0cb7ce28fceb3c7cb597fa73c1c609f1c77fd75a4c907cfa34ac09
- SHA512
  
  8d39e7678afb794e669facca354b9f2b00de8f8c99f5966120c9cc3b357f3b636313f6d72d18a80105a477666d7fda6dd3d38cce815d2583ac6115badb21822c
Score

7^/10
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2