Overview

overview

10

Static

static

10

rat.bin.exe

windows7_x64

7

rat.bin.exe

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    rat.bin

  • Size

    27KB

  • Sample

    211021-whm21aaeg9

  • MD5

    2e8e794f86f1a051f7e7148e4f88d51b

  • SHA1

    aac7a18fc94151ad70ee9bb578042175f2655ddc

  • SHA256

    7f3d7000a3459101aa4a5deda1d5732c9a3e02a663e5a56964623ceefa2b491e

  • SHA512

    697f484f9c32d8dfe94f62dd184369c980277722f19e5a7dddd2145e7aca291f3546416b98f92d1dc7359abc6d835380f68a9fffa1b55f3725e4b765bfeb5a20

Score
10/10
njratmybot

Malware Config

Extracted

Family

njrat

Version

v2.0

Botnet

MyBot

C2

7.tcp.eu.ngrok.io:10772

Mutex

Windows

Attributes
  • reg_key

    Windows

  • splitter

    |-F-|

Targets

    • Target

      rat.bin

    • Size

      27KB

    • MD5

      2e8e794f86f1a051f7e7148e4f88d51b

    • SHA1

      aac7a18fc94151ad70ee9bb578042175f2655ddc

    • SHA256

      7f3d7000a3459101aa4a5deda1d5732c9a3e02a663e5a56964623ceefa2b491e

    • SHA512

      697f484f9c32d8dfe94f62dd184369c980277722f19e5a7dddd2145e7aca291f3546416b98f92d1dc7359abc6d835380f68a9fffa1b55f3725e4b765bfeb5a20

    Score
    7/10

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks