njrat | 2c93b625471a6651f95b8d35940acaedc9263ffaef689204948d7614507ad259 | Triage

Sharing

General

Target

6c95025f2875badef97590d2959dc712.exe
Size

93KB
Sample

211213-vah8eadhd3
MD5

6c95025f2875badef97590d2959dc712
SHA1

7c62a27c40c169d07325cd9e1bc9e29c8d546e04
SHA256

2c93b625471a6651f95b8d35940acaedc9263ffaef689204948d7614507ad259
SHA512

d4acae602bd2ceb79e6b7f7905683e622bd3e5ace7c52caade6d8b0bdb0f6b1d2ab83201d6e881d875c66a739902d4eb2ef5b0181bbb0b58ce9a15403d55d2d3

Score

10^/10

njrat hacked evasion

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

FRANSESCOTI3LjAuFRANSESCOC4x:NjczOA==

Mutex

de5d489d043d0f3c2942740fdf2431f3

Attributes

reg_key
de5d489d043d0f3c2942740fdf2431f3
splitter
|'|'|

Targets

- Target
  
  6c95025f2875badef97590d2959dc712.exe
- Size
  
  93KB
- MD5
  
  6c95025f2875badef97590d2959dc712
- SHA1
  
  7c62a27c40c169d07325cd9e1bc9e29c8d546e04
- SHA256
  
  2c93b625471a6651f95b8d35940acaedc9263ffaef689204948d7614507ad259
- SHA512
  
  d4acae602bd2ceb79e6b7f7905683e622bd3e5ace7c52caade6d8b0bdb0f6b1d2ab83201d6e881d875c66a739902d4eb2ef5b0181bbb0b58ce9a15403d55d2d3
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2