njrat | 248819366c125936dce7c0e5af0119c6dcacf2e2f3c3beef78ea03ffe8b9ab33 | Triage

Sharing

General

Target

248819366C125936DCE7C0E5AF0119C6DCACF2E2F3C3B.exe
Size

214KB
Sample

211120-2wntcadcfk
MD5

47694f07c6d517c05f97225da98adc15
SHA1

8aae74664ca09973615292e572a927043f9d2f9e
SHA256

248819366c125936dce7c0e5af0119c6dcacf2e2f3c3beef78ea03ffe8b9ab33
SHA512

586ea910189147d8f675d57c720a03c8abef8eec25a72b70d65d2a0daa21a2841c883ba024a5c781a8ad0304232842e09711ab7f604cb50c75a347fe9eec046f

Score

10^/10

njrat 17.12.2017 suricata trojan

Malware Config

Extracted

Family

njrat

Version

Hallaj PRO Rat [Fixed]

Botnet

17.12.2017

C2

ytka.duckdns.org:1605

Mutex

f58babab038d7b7e993d811afbfd85b8

Attributes

reg_key
f58babab038d7b7e993d811afbfd85b8
splitter
boolLove

Targets

- Target
  
  248819366C125936DCE7C0E5AF0119C6DCACF2E2F3C3B.exe
- Size
  
  214KB
- MD5
  
  47694f07c6d517c05f97225da98adc15
- SHA1
  
  8aae74664ca09973615292e572a927043f9d2f9e
- SHA256
  
  248819366c125936dce7c0e5af0119c6dcacf2e2f3c3beef78ea03ffe8b9ab33
- SHA512
  
  586ea910189147d8f675d57c720a03c8abef8eec25a72b70d65d2a0daa21a2841c883ba024a5c781a8ad0304232842e09711ab7f604cb50c75a347fe9eec046f
Score

10^/10

njrat 17.12.2017 suricata trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
  suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

njrat17.12.2017suricatatrojan

behavioral2

njrat17.12.2017suricatatrojan