njrat | 41e16d26226c15800b3dda0529c07e7d17db42cb7d30023849a595df60e44681 | Triage

Submit
Reports

Overview

overview

Static

static

5

41e16d2622...81.exe

windows7_x64

41e16d2622...81.exe

windows10_x64

Sharing

General

Target

41e16d26226c15800b3dda0529c07e7d17db42cb7d30023849a595df60e44681
Size

1009KB
Sample

210909-n47pjabcdp
MD5

2bdfc0cc5cad829995fb730b83c099c8
SHA1

3f7a49c990bc5b6fa7df644dd3dd1d7046e35ab5
SHA256

41e16d26226c15800b3dda0529c07e7d17db42cb7d30023849a595df60e44681
SHA512

1563050e048541135b57fef6b14cb14f7a4d95dc63539a1e0677116fef256f1c3fced0aa7fb82567efcc12741c00d4fc37b1b9458e90cbaa3da13ac2f7a3db0d

Score

10^/10

njrat limebot3 trojan

Static task

static1

Behavioral task

behavioral1

Sample

41e16d26226c15800b3dda0529c07e7d17db42cb7d30023849a595df60e44681.exe

Resource

win7v20210408

njrat limebot3 trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

41e16d26226c15800b3dda0529c07e7d17db42cb7d30023849a595df60e44681.exe

Resource

win10-en

njrat limebot3 trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

njrat

Version

0.7.3

Botnet

Limebot3

C2

microsoftdnsbug.duckdns.org:6699

Mutex

Client.exe

Attributes

reg_key
Client.exe
splitter
luffy

Targets

- Target
  
  41e16d26226c15800b3dda0529c07e7d17db42cb7d30023849a595df60e44681
- Size
  
  1009KB
- MD5
  
  2bdfc0cc5cad829995fb730b83c099c8
- SHA1
  
  3f7a49c990bc5b6fa7df644dd3dd1d7046e35ab5
- SHA256
  
  41e16d26226c15800b3dda0529c07e7d17db42cb7d30023849a595df60e44681
- SHA512
  
  1563050e048541135b57fef6b14cb14f7a4d95dc63539a1e0677116fef256f1c3fced0aa7fb82567efcc12741c00d4fc37b1b9458e90cbaa3da13ac2f7a3db0d
Score

10^/10

njrat limebot3 trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Suspicious use of SetThreadContext
- autoit_exe
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratlimebot3trojan

behavioral2

njratlimebot3trojan

© 2018-2024

Terms | Privacy