General

  • Target

    a6e5b75aa89f9057e0ab97d0064f9226.exe

  • Size

    31KB

  • Sample

    211227-2z6hkabgcq

  • MD5

    a6e5b75aa89f9057e0ab97d0064f9226

  • SHA1

    563235fef327e1877822799f2a60c6309146e6e8

  • SHA256

    97445a651bd56279e64a3f4bf79e454205e00bc84c7b500b0e69e30a93e85075

  • SHA512

    6276c98823d774830b575a24a71c4f31d89ab14a3b9cc5df1aa19e79e5bd23500f3c9605acc7e00b15e7d126d9bd33cd45b4f290a0ccdf14c9fafa528bf2b7e4

Malware Config

Extracted

  • Family

    njrat

  • Version

    0.7d

  • Botnet

    MyBot

  • C2

    66.70.242.36:8080

  • Mutex

    809f58a08e0959cac84aebf152692d86

Attributes
  • reg_key

    809f58a08e0959cac84aebf152692d86

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      a6e5b75aa89f9057e0ab97d0064f9226.exe

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

    • Modifies Windows Firewall
