Overview

overview

10

Static

static

10

705f67dccd...4c.exe

windows7_x64

10

705f67dccd...4c.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    705f67dccd4c352a37b7eb04293f3e4c.exe

  • Size

    31KB

  • Sample

    211202-je84vafge6

  • MD5

    705f67dccd4c352a37b7eb04293f3e4c

  • SHA1

    1c5f8403e9ac0874e3f75f8b038b2f1b4ac7e64e

  • SHA256

    ef9c82bb0f96b6266672941cce875b59d431c7f3af89901a8c23ee813293823d

  • SHA512

    c1df9719ffde323313c014a23bcb4ebb921b179669768ce2a63e6ea2de10e946bee1e268c4196dce07e50c9f3b8efa72a92e13055d71e57931ab8acfb2fac19f

Score
10/10
njratmybotevasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

C2

4.tcp.ngrok.io:11654

Mutex

6536102889c57e7b9d5713fb75e47462

Attributes
  • reg_key

    6536102889c57e7b9d5713fb75e47462

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      705f67dccd4c352a37b7eb04293f3e4c.exe

    • Size

      31KB

    • MD5

      705f67dccd4c352a37b7eb04293f3e4c

    • SHA1

      1c5f8403e9ac0874e3f75f8b038b2f1b4ac7e64e

    • SHA256

      ef9c82bb0f96b6266672941cce875b59d431c7f3af89901a8c23ee813293823d

    • SHA512

      c1df9719ffde323313c014a23bcb4ebb921b179669768ce2a63e6ea2de10e946bee1e268c4196dce07e50c9f3b8efa72a92e13055d71e57931ab8acfb2fac19f

    Score
    10/10
    njratevasiontrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks