Overview

overview

10

Static

static

10

508dbdf333...81.exe

windows7_x64

10

508dbdf333...81.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    508dbdf33362da23088dc438a6685681.exe

  • Size

    31KB

  • Sample

    211202-kv3gnsgga8

  • MD5

    508dbdf33362da23088dc438a6685681

  • SHA1

    33ecad58c258c5cd896027811c6fa0f42564255b

  • SHA256

    2e15758b43bd03a317325eeb94461dd3aa146c9db3e6c31b8e9dda441f1ba4b3

  • SHA512

    9d643c60e94ec113b78d5dccef135d94b5dc6d5e8896aa44f7997ba8ee8150a5a3999d580fdd4f6e7fcf6e90195859022e4237fbcb073b32d8510fef4c723c6b

Score
10/10
njratmybotevasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

C2

4.tcp.ngrok.io:11098

Mutex

320234654d584eb6f8c61e6f7c039aa5

Attributes
  • reg_key

    320234654d584eb6f8c61e6f7c039aa5

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      508dbdf33362da23088dc438a6685681.exe

    • Size

      31KB

    • MD5

      508dbdf33362da23088dc438a6685681

    • SHA1

      33ecad58c258c5cd896027811c6fa0f42564255b

    • SHA256

      2e15758b43bd03a317325eeb94461dd3aa146c9db3e6c31b8e9dda441f1ba4b3

    • SHA512

      9d643c60e94ec113b78d5dccef135d94b5dc6d5e8896aa44f7997ba8ee8150a5a3999d580fdd4f6e7fcf6e90195859022e4237fbcb073b32d8510fef4c723c6b

    Score
    10/10
    njratevasiontrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks