Overview

overview

10

Static

static

10

d9e5d66026...19.exe

windows7_x64

10

d9e5d66026...19.exe

windows10-2004_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d9e5d66026fc125152e074ff0a5a83c1a0a6f7e95349c40a13f003cbbdf9d219

  • Size

    93KB

  • Sample

    220306-3y76faacar

  • MD5

    449413e5214bf8ce7cbb52a223b66bb7

  • SHA1

    7a125c96185256b74aafd2e8d8ac0316cc36f1f4

  • SHA256

    d9e5d66026fc125152e074ff0a5a83c1a0a6f7e95349c40a13f003cbbdf9d219

  • SHA512

    962a7e727691b6e58449f008ef2f850d09d634406fd4a5c3cb6d9370639d0dde8a028196101bcd7a4fa217a1aa5c5966c87e2eb32bea5c5ac428314b134b5835

Score
10/10
njrat8888trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

8888

C2

FRANSESCOTI3LjAuFRANSESCOC4x:MTU5Mw==

Mutex

5c5605e4e8601d3435d51043a4b20f26

Attributes
  • reg_key

    5c5605e4e8601d3435d51043a4b20f26

  • splitter

    |'|'|

Targets

    • Target

      d9e5d66026fc125152e074ff0a5a83c1a0a6f7e95349c40a13f003cbbdf9d219

    • Size

      93KB

    • MD5

      449413e5214bf8ce7cbb52a223b66bb7

    • SHA1

      7a125c96185256b74aafd2e8d8ac0316cc36f1f4

    • SHA256

      d9e5d66026fc125152e074ff0a5a83c1a0a6f7e95349c40a13f003cbbdf9d219

    • SHA512

      962a7e727691b6e58449f008ef2f850d09d634406fd4a5c3cb6d9370639d0dde8a028196101bcd7a4fa217a1aa5c5966c87e2eb32bea5c5ac428314b134b5835

    Score
    10/10
    njrat8888trojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks