njrat | a2b7b61d87801940b9bf2d480fb2b0079c7bf229455ae68b5539d010cbf3917a | Triage

Sharing

General

Target

ac2c34d1352613f5d2a61f1613dad5b3.exe
Size

59KB
Sample

211204-ll3azsdeg2
MD5

ac2c34d1352613f5d2a61f1613dad5b3
SHA1

93013165236cc4159602a33719c874554d4adb26
SHA256

a2b7b61d87801940b9bf2d480fb2b0079c7bf229455ae68b5539d010cbf3917a
SHA512

78cc3e7650c119c2f6c2f71cb732b5af4e473b484783d383b092747f2f723b352af02e1c200ee149b756cacd3dad25b1c9ee2844d089c2e7334357096ec7a819

Score

10^/10

njrat hacked evasion trojan

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

aboo3zhh.ddns.net:5552

Mutex

d7ba90557f4f3e98c51e552523d78090

Attributes

reg_key
d7ba90557f4f3e98c51e552523d78090
splitter
|'|'|

Targets

- Target
  
  ac2c34d1352613f5d2a61f1613dad5b3.exe
- Size
  
  59KB
- MD5
  
  ac2c34d1352613f5d2a61f1613dad5b3
- SHA1
  
  93013165236cc4159602a33719c874554d4adb26
- SHA256
  
  a2b7b61d87801940b9bf2d480fb2b0079c7bf229455ae68b5539d010cbf3917a
- SHA512
  
  78cc3e7650c119c2f6c2f71cb732b5af4e473b484783d383b092747f2f723b352af02e1c200ee149b756cacd3dad25b1c9ee2844d089c2e7334357096ec7a819
Score

10^/10

njrat hacked evasion trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njrathackedevasiontrojan

behavioral2

njrathackedevasiontrojan