njrat | febaf8ae20e133e5b4fd503d7f5097bbabe0f8d4664a951a8630f2e929b916e5 | Triage

Submit
Reports

Overview

overview

Static

static

febaf8ae20...e5.exe

windows7_x64

febaf8ae20...e5.exe

windows10_x64

Sharing

General

Target

febaf8ae20e133e5b4fd503d7f5097bbabe0f8d4664a951a8630f2e929b916e5
Size

3.5MB
Sample

220124-c46lpaaegq
MD5

fe8b2df29417a27881f4727c35aae61e
SHA1

1f9eccc08baa52fc5b91eee694bce443e08f2dd8
SHA256

febaf8ae20e133e5b4fd503d7f5097bbabe0f8d4664a951a8630f2e929b916e5
SHA512

687452a1c9b69ed3fd6d8cc26e1fb7f0c2301b05f47e16e1983985a9def0fb1434352cb9b2d9f74cf0c89e469806aab17eb4b5b3f8e632fa1b04ff923444a31c

Score

10^/10

njrat trojan

Static task

static1

Behavioral task

behavioral1

Sample

febaf8ae20e133e5b4fd503d7f5097bbabe0f8d4664a951a8630f2e929b916e5.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

febaf8ae20e133e5b4fd503d7f5097bbabe0f8d4664a951a8630f2e929b916e5.exe

Resource

win10-en-20211208

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  febaf8ae20e133e5b4fd503d7f5097bbabe0f8d4664a951a8630f2e929b916e5
- Size
  
  3.5MB
- MD5
  
  fe8b2df29417a27881f4727c35aae61e
- SHA1
  
  1f9eccc08baa52fc5b91eee694bce443e08f2dd8
- SHA256
  
  febaf8ae20e133e5b4fd503d7f5097bbabe0f8d4664a951a8630f2e929b916e5
- SHA512
  
  687452a1c9b69ed3fd6d8cc26e1fb7f0c2301b05f47e16e1983985a9def0fb1434352cb9b2d9f74cf0c89e469806aab17eb4b5b3f8e632fa1b04ff923444a31c
Score

10^/10

njrat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy