Overview

overview

10

Static

static

10

acc62c054d...29.exe

windows7_x64

10

acc62c054d...29.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    acc62c054d469dbe939843e3fbcc5729.exe

  • Size

    37KB

  • Sample

    211105-w9gdjahgar

  • MD5

    acc62c054d469dbe939843e3fbcc5729

  • SHA1

    5c4fa46477f91209fb64130a5051dd2e144f46af

  • SHA256

    8ec51c13cf8a2342bdd735e69a10f3dfc2f2fe5b64d4b1c0f1573afcdde5b123

  • SHA512

    bc1e5b05a71c0e624f6bdffa7b2a56693ce5a1dbc050713549ef6dc239dba3bcdfcbf67a588d3bbe62406bb000541873d4ef76481a43175d46f530dcc2a3afe0

Score
10/10
njrathackedevasionsuricata

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

8.tcp.ngrok.io:18903

Mutex

78c5471af59a656e87f897d1a9cdc127

Attributes
  • reg_key

    78c5471af59a656e87f897d1a9cdc127

  • splitter

    |'|'|

Targets

    • Target

      acc62c054d469dbe939843e3fbcc5729.exe

    • Size

      37KB

    • MD5

      acc62c054d469dbe939843e3fbcc5729

    • SHA1

      5c4fa46477f91209fb64130a5051dd2e144f46af

    • SHA256

      8ec51c13cf8a2342bdd735e69a10f3dfc2f2fe5b64d4b1c0f1573afcdde5b123

    • SHA512

      bc1e5b05a71c0e624f6bdffa7b2a56693ce5a1dbc050713549ef6dc239dba3bcdfcbf67a588d3bbe62406bb000541873d4ef76481a43175d46f530dcc2a3afe0

    Score
    10/10
    evasionsuricata

    • suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

      suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

      suricata

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks