njrat | 1f706c309a0658a6753a7585a1bfb2d30fcfacc8e417c8bd7d62c78a26597d7a | Triage

Sharing

General

Target

1f706c309a0658a6753a7585a1bfb2d30fcfacc8e417c8bd7d62c78a26597d7a
Size

374KB
Sample

220129-rzh26acff7
MD5

e8c4a336c901a8799525ea30486838b3
SHA1

856980d3acbed47e7c9cae6c1f0d608888537382
SHA256

1f706c309a0658a6753a7585a1bfb2d30fcfacc8e417c8bd7d62c78a26597d7a
SHA512

0eac6f516d36f94631821658d959a13ca73def3e95c32aaa61c4f77d79803f09e2dba587f8921f75eb561bf879c7fd7e8bc00042ceee75ed7a63cc19f9fa9f99

Score

10^/10

njrat evasion trojan

Malware Config

Targets

- Target
  
  1f706c309a0658a6753a7585a1bfb2d30fcfacc8e417c8bd7d62c78a26597d7a
- Size
  
  374KB
- MD5
  
  e8c4a336c901a8799525ea30486838b3
- SHA1
  
  856980d3acbed47e7c9cae6c1f0d608888537382
- SHA256
  
  1f706c309a0658a6753a7585a1bfb2d30fcfacc8e417c8bd7d62c78a26597d7a
- SHA512
  
  0eac6f516d36f94631821658d959a13ca73def3e95c32aaa61c4f77d79803f09e2dba587f8921f75eb561bf879c7fd7e8bc00042ceee75ed7a63cc19f9fa9f99
Score

10^/10

njrat evasion trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratevasiontrojan

behavioral2

njratevasiontrojan