Overview

overview

10

Static

static

10

e64dc8b80b...3a.exe

windows7_x64

10

e64dc8b80b...3a.exe

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e64dc8b80b5d447b520f557781acb0b3d539c92e6919de4b376ef1cca9af953a

  • Size

    385KB

  • Sample

    210930-pfhk6shfc3

  • MD5

    22efb002ff6995db833e92bc0e151613

  • SHA1

    fe78c82bf566f4c54b32474917b13b66ef1c11ff

  • SHA256

    e64dc8b80b5d447b520f557781acb0b3d539c92e6919de4b376ef1cca9af953a

  • SHA512

    7218abb399f75d81bf0eb5bd41f62eb5ba648632ea49818598791ccdff002fb4770214c0efd08517faa3d622ac8ababbeb1e50e5768787f2988c2eeb9a5c3202

Score
10/10
njrathackedtrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

almammory.hopto.org:5552

Mutex

afc92bf1571988bf5da2e394256896ce

Attributes
  • reg_key

    afc92bf1571988bf5da2e394256896ce

  • splitter

    |'|'|

Targets

    • Target

      e64dc8b80b5d447b520f557781acb0b3d539c92e6919de4b376ef1cca9af953a

    • Size

      385KB

    • MD5

      22efb002ff6995db833e92bc0e151613

    • SHA1

      fe78c82bf566f4c54b32474917b13b66ef1c11ff

    • SHA256

      e64dc8b80b5d447b520f557781acb0b3d539c92e6919de4b376ef1cca9af953a

    • SHA512

      7218abb399f75d81bf0eb5bd41f62eb5ba648632ea49818598791ccdff002fb4770214c0efd08517faa3d622ac8ababbeb1e50e5768787f2988c2eeb9a5c3202

    Score
    10/10
    njrathackedtrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks