njrat | 9f6fdc5e19242853318ccf433ca5288f4869fc045fde761b931a8bc8b8ac70d7 | Triage

Submit
Reports

Overview

overview

Static

static

9f6fdc5e19...e7.exe

windows7_x64

1

9f6fdc5e19...e7.exe

windows10_x64

Sharing

General

Target

9f6fdc5e19242853318ccf433ca5288f4869fc045fde7.exe
Size

167KB
Sample

210906-14l42sbee4
MD5

0bcb7b5e42fc664c49a25df679fd3e62
SHA1

c1287a05d381069a06bcf716657ce1a38d9fd95e
SHA256

9f6fdc5e19242853318ccf433ca5288f4869fc045fde761b931a8bc8b8ac70d7
SHA512

d7929e9faa699e305f1b9502d8c6bd69cf3a66729517d9c511c621479a22bde06ec3bfca542cd3dee5548c8ebf0e3454d3cab29828c6117847e9c9536cf924be

Score

10^/10

njrat trojan

Static task

static1

Behavioral task

behavioral1

Sample

9f6fdc5e19242853318ccf433ca5288f4869fc045fde7.exe

Resource

win7v20210408

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

9f6fdc5e19242853318ccf433ca5288f4869fc045fde7.exe

Resource

win10v20210408

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

njrat

C2

62.33.159.162:5674

Mutex

26c50014115b430

Attributes

reg_key
26c50014115b430
splitter
@!#&^%$

Targets

- Target
  
  9f6fdc5e19242853318ccf433ca5288f4869fc045fde7.exe
- Size
  
  167KB
- MD5
  
  0bcb7b5e42fc664c49a25df679fd3e62
- SHA1
  
  c1287a05d381069a06bcf716657ce1a38d9fd95e
- SHA256
  
  9f6fdc5e19242853318ccf433ca5288f4869fc045fde761b931a8bc8b8ac70d7
- SHA512
  
  d7929e9faa699e305f1b9502d8c6bd69cf3a66729517d9c511c621479a22bde06ec3bfca542cd3dee5548c8ebf0e3454d3cab29828c6117847e9c9536cf924be
Score

10^/10

njrat trojan
- Suspicious use of NtCreateProcessExOtherParentProcess
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy