njrat | 87ac8c78f79072416a0d38c7509602d28e367e990f31cbfaa667b59292391c99 | Triage

Sharing

General

Target

a359db2841e75ed24c3d39b7af55ea31.exe
Size

93KB
Sample

211230-axyldseaar
MD5

a359db2841e75ed24c3d39b7af55ea31
SHA1

db9b0ceb9ce3aca3403892f1b43e764891e3a047
SHA256

87ac8c78f79072416a0d38c7509602d28e367e990f31cbfaa667b59292391c99
SHA512

046d2048b43201fc6f739c7f5a29f98072cbe58a108e9d84354febc8cd402224be0525aab9c50fbe0893aa117b9172546f412c7ca13d58399b47a3aaabca5d67

Score

10^/10

njrat test evasion suricata

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

test

C2

FRANSESCOi50Y3Aubmdyb2suaW8Strik:MTM2OTc=

Mutex

ec7ab0589e1de9ff5c21e50cf763511e

Attributes

reg_key
ec7ab0589e1de9ff5c21e50cf763511e
splitter
|'|'|

Targets

- Target
  
  a359db2841e75ed24c3d39b7af55ea31.exe
- Size
  
  93KB
- MD5
  
  a359db2841e75ed24c3d39b7af55ea31
- SHA1
  
  db9b0ceb9ce3aca3403892f1b43e764891e3a047
- SHA256
  
  87ac8c78f79072416a0d38c7509602d28e367e990f31cbfaa667b59292391c99
- SHA512
  
  046d2048b43201fc6f739c7f5a29f98072cbe58a108e9d84354febc8cd402224be0525aab9c50fbe0893aa117b9172546f412c7ca13d58399b47a3aaabca5d67
Score

10^/10

evasion suricata
- suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
  suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
  suricata
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasionsuricata

behavioral2

evasionsuricata