Overview

overview

10

Static

static

10

tmp/4ee5ff...t2.exe

windows7_x64

7

tmp/4ee5ff...t2.exe

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tmp/4ee5ff11-ecf7-451f-9845-49006630bc3a_t2.exe

  • Size

    27KB

  • Sample

    211216-wdy9gacfa7

  • MD5

    702843f05e3db0afaa615fdd8f262be6

  • SHA1

    4c2de1531c7072598d4d399147c8add254421a25

  • SHA256

    e63d3be538ff76863ee863299e16a554e83908abaab1b59128b398d898cebcf7

  • SHA512

    eefb2c83fbb2a3d2bdfd7eb2309449ded6243c544eb223820e0f0e1f553a46e9fa975fbeb123b3d7bf9ebe5c884f6eee0340b6a7e09f1ea075a7fa7bb4463102

Score
10/10
njrathacked

Malware Config

Extracted

Family

njrat

Version

v2.0

Botnet

HacKed

C2

95.211.239.205:550

Mutex

Windows

Attributes
  • reg_key

    Windows

  • splitter

    |-F-|

Targets

    • Target

      tmp/4ee5ff11-ecf7-451f-9845-49006630bc3a_t2.exe

    • Size

      27KB

    • MD5

      702843f05e3db0afaa615fdd8f262be6

    • SHA1

      4c2de1531c7072598d4d399147c8add254421a25

    • SHA256

      e63d3be538ff76863ee863299e16a554e83908abaab1b59128b398d898cebcf7

    • SHA512

      eefb2c83fbb2a3d2bdfd7eb2309449ded6243c544eb223820e0f0e1f553a46e9fa975fbeb123b3d7bf9ebe5c884f6eee0340b6a7e09f1ea075a7fa7bb4463102

    Score
    7/10

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks