Overview

overview

10

Static

static

10

60cbf37941...dc.exe

windows7_x64

10

60cbf37941...dc.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    60cbf379417e56390753d9c9482b6cdc.exe

  • Size

    31KB

  • Sample

    211213-va5fmsfabp

  • MD5

    60cbf379417e56390753d9c9482b6cdc

  • SHA1

    33e882b9261c7a286d94490846e1ffa26568f28e

  • SHA256

    f8273bb883ff7a73e822a067d5459f0c0340d6d1615d4adee46ef12dd673b77b

  • SHA512

    ac47ef97ec1cea485beb0b91713b248c3f4b63c28d94de2b0d44f163523c55e4fca3ff62636d717de6a903fc109ab91bc0966644a41fe19465c4bcbfb615c20b

Score
10/10
njratmybotevasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

C2

127.0.0.1:1177

Mutex

086e692be851e3bfdee20dd56bf5111b

Attributes
  • reg_key

    086e692be851e3bfdee20dd56bf5111b

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      60cbf379417e56390753d9c9482b6cdc.exe

    • Size

      31KB

    • MD5

      60cbf379417e56390753d9c9482b6cdc

    • SHA1

      33e882b9261c7a286d94490846e1ffa26568f28e

    • SHA256

      f8273bb883ff7a73e822a067d5459f0c0340d6d1615d4adee46ef12dd673b77b

    • SHA512

      ac47ef97ec1cea485beb0b91713b248c3f4b63c28d94de2b0d44f163523c55e4fca3ff62636d717de6a903fc109ab91bc0966644a41fe19465c4bcbfb615c20b

    Score
    10/10
    njratevasiontrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks