Overview

overview

10

Static

static

10

a20a44e2ad...5e.exe

windows7_x64

10

a20a44e2ad...5e.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a20a44e2add8f2ee2434258a20ac815e.exe

  • Size

    93KB

  • Sample

    211204-3fljqabgdn

  • MD5

    a20a44e2add8f2ee2434258a20ac815e

  • SHA1

    bf2886c5bda80c2cc1a1a8d3d270f3e82f3f39b9

  • SHA256

    87b9a82fa05019692e89dc944a4fe1ab669d1c844abfd509c7e3648a024d4a73

  • SHA512

    ebb8b81d74aaf9475f64a23116da3d62497a6c92f6a7ac33fdcb7895e0aab6419c86ab92e104dc66cfc13a5bd0faa104fb3a997ce7bcfd0044e2ad3d25273e36

Score
10/10
njrathackedevasionsuricata

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

FRANSESCOTA5LjEyFRANSESCOy4xFRANSESCOTguNjFRANSESCOStrik:NDQz

Mutex

3f0e7e396c4b65a76b6471f1f9d6d90a

Attributes
  • reg_key

    3f0e7e396c4b65a76b6471f1f9d6d90a

  • splitter

    |'|'|

Targets

    • Target

      a20a44e2add8f2ee2434258a20ac815e.exe

    • Size

      93KB

    • MD5

      a20a44e2add8f2ee2434258a20ac815e

    • SHA1

      bf2886c5bda80c2cc1a1a8d3d270f3e82f3f39b9

    • SHA256

      87b9a82fa05019692e89dc944a4fe1ab669d1c844abfd509c7e3648a024d4a73

    • SHA512

      ebb8b81d74aaf9475f64a23116da3d62497a6c92f6a7ac33fdcb7895e0aab6419c86ab92e104dc66cfc13a5bd0faa104fb3a997ce7bcfd0044e2ad3d25273e36

    Score
    10/10
    evasionsuricata

    • suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

      suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

      suricata

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks