njrat | 54b32c5ed0ace52388b5e7b43704e6b3c8d5b02133c6f96c9e1b537125bee0f3 | Triage

Submit
Reports

Overview

overview

Static

static

5

54b32c5ed0...f3.exe

windows7_x64

54b32c5ed0...f3.exe

windows10_x64

Sharing

General

Target

54b32c5ed0ace52388b5e7b43704e6b3c8d5b02133c6f96c9e1b537125bee0f3
Size

1009KB
Sample

210906-he9jyaaef7
MD5

002d46f884f1cac49f4ab9c9960b1d84
SHA1

82dc55eecb2de7485a7b9c367d094c909e2f460f
SHA256

54b32c5ed0ace52388b5e7b43704e6b3c8d5b02133c6f96c9e1b537125bee0f3
SHA512

8b44f54475d0248cbe259184add0b0000fdcd45bce34e9b1a7857cd2577c141d828687f00f1dbb87610c3cb396e96a832c41fc15695fd0431c104facb7fba8e9

Score

10^/10

njrat limebot3 trojan

Static task

static1

Behavioral task

behavioral1

Sample

54b32c5ed0ace52388b5e7b43704e6b3c8d5b02133c6f96c9e1b537125bee0f3.exe

Resource

win7-en

njrat limebot3 trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

54b32c5ed0ace52388b5e7b43704e6b3c8d5b02133c6f96c9e1b537125bee0f3.exe

Resource

win10v20210408

njrat limebot3 trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Limebot3

C2

microsoftdnsbug.duckdns.org:6699

Mutex

Client.exe

Attributes

reg_key
Client.exe
splitter
luffy

Targets

- Target
  
  54b32c5ed0ace52388b5e7b43704e6b3c8d5b02133c6f96c9e1b537125bee0f3
- Size
  
  1009KB
- MD5
  
  002d46f884f1cac49f4ab9c9960b1d84
- SHA1
  
  82dc55eecb2de7485a7b9c367d094c909e2f460f
- SHA256
  
  54b32c5ed0ace52388b5e7b43704e6b3c8d5b02133c6f96c9e1b537125bee0f3
- SHA512
  
  8b44f54475d0248cbe259184add0b0000fdcd45bce34e9b1a7857cd2577c141d828687f00f1dbb87610c3cb396e96a832c41fc15695fd0431c104facb7fba8e9
Score

10^/10

njrat limebot3 trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
- autoit_exe
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratlimebot3trojan

behavioral2

njratlimebot3trojan

© 2018-2024

Terms | Privacy