Overview

overview

10

Static

static

ac2c34d135...b3.exe

windows7_x64

10

ac2c34d135...b3.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ac2c34d1352613f5d2a61f1613dad5b3.exe

  • Size

    59KB

  • Sample

    211204-ll3azsdeg2

  • MD5

    ac2c34d1352613f5d2a61f1613dad5b3

  • SHA1

    93013165236cc4159602a33719c874554d4adb26

  • SHA256

    a2b7b61d87801940b9bf2d480fb2b0079c7bf229455ae68b5539d010cbf3917a

  • SHA512

    78cc3e7650c119c2f6c2f71cb732b5af4e473b484783d383b092747f2f723b352af02e1c200ee149b756cacd3dad25b1c9ee2844d089c2e7334357096ec7a819

Score
10/10
njrathackedevasiontrojan

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

aboo3zhh.ddns.net:5552

Mutex

d7ba90557f4f3e98c51e552523d78090

Attributes
  • reg_key

    d7ba90557f4f3e98c51e552523d78090

  • splitter

    |'|'|

Targets

    • Target

      ac2c34d1352613f5d2a61f1613dad5b3.exe

    • Size

      59KB

    • MD5

      ac2c34d1352613f5d2a61f1613dad5b3

    • SHA1

      93013165236cc4159602a33719c874554d4adb26

    • SHA256

      a2b7b61d87801940b9bf2d480fb2b0079c7bf229455ae68b5539d010cbf3917a

    • SHA512

      78cc3e7650c119c2f6c2f71cb732b5af4e473b484783d383b092747f2f723b352af02e1c200ee149b756cacd3dad25b1c9ee2844d089c2e7334357096ec7a819

    Score
    10/10
    njrathackedevasiontrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks