njrat | 836e0921a51d3e9bb91eb3a44f6cfe798dab4939b2ec5e6a39ff758db54e6b3d | Triage

Sharing

General

Target

836e0921a51d3e9bb91eb3a44f6cfe798dab4939b2ec5e6a39ff758db54e6b3d
Size

220KB
Sample

210924-qd86sahah2
MD5

4d7c442ee41682bc23f89190f6d30ec9
SHA1

544d50cf853121d3b169084e7b7fdcbe0b0ec9a3
SHA256

836e0921a51d3e9bb91eb3a44f6cfe798dab4939b2ec5e6a39ff758db54e6b3d
SHA512

19135b7e3f9fc2ca6b5c5853dbe94c4bb287067b3efba95e84402c086c9c3eb8253545127883b531374c91de5aa9c401e8fef64a0884bcb270e4e7d1d8fc49d3

Score

10^/10

njrat trojan

Malware Config

Extracted

Family

njrat

C2

ilfuoco.crabdance.com:1606

Mutex

2cdbd061ab

Attributes

reg_key
2cdbd061ab
splitter
@!#&^%$

Targets

- Target
  
  836e0921a51d3e9bb91eb3a44f6cfe798dab4939b2ec5e6a39ff758db54e6b3d
- Size
  
  220KB
- MD5
  
  4d7c442ee41682bc23f89190f6d30ec9
- SHA1
  
  544d50cf853121d3b169084e7b7fdcbe0b0ec9a3
- SHA256
  
  836e0921a51d3e9bb91eb3a44f6cfe798dab4939b2ec5e6a39ff758db54e6b3d
- SHA512
  
  19135b7e3f9fc2ca6b5c5853dbe94c4bb287067b3efba95e84402c086c9c3eb8253545127883b531374c91de5aa9c401e8fef64a0884bcb270e4e7d1d8fc49d3
Score

10^/10

njrat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1