njrat | 18785260aad3adfbc6420296ee300551a24f53653c651258195d057d6c7ccd6e | Triage

Sharing

General

Target

tmp/414304dc-b351-4b56-978b-b9236b2dc246_t2.exe
Size

27KB
Sample

211216-v9cjxadcel
MD5

b80b022df52e0312fc023cc955ea06dd
SHA1

f49e6379612339160ca78b4da6728b16a5bc95fd
SHA256

18785260aad3adfbc6420296ee300551a24f53653c651258195d057d6c7ccd6e
SHA512

d7e15c1a38531a430493ba4fa117b5c80213afc7235a31ad9d13c2094fecfc7330616cf2f8be23744ba2354a8df1496227197f7d106b22aabd05de35a856d3e3

Score

10^/10

njrat hacked

Malware Config

Extracted

Family

njrat

Version

v2.0

Botnet

HacKed

C2

musicnote.soundcast.me:5050

Mutex

Windows

Attributes

reg_key
Windows
splitter
|-F-|

Targets

- Target
  
  tmp/414304dc-b351-4b56-978b-b9236b2dc246_t2.exe
- Size
  
  27KB
- MD5
  
  b80b022df52e0312fc023cc955ea06dd
- SHA1
  
  f49e6379612339160ca78b4da6728b16a5bc95fd
- SHA256
  
  18785260aad3adfbc6420296ee300551a24f53653c651258195d057d6c7ccd6e
- SHA512
  
  d7e15c1a38531a430493ba4fa117b5c80213afc7235a31ad9d13c2094fecfc7330616cf2f8be23744ba2354a8df1496227197f7d106b22aabd05de35a856d3e3
Score

7^/10
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2