njrat | 8da3f5cb51b6957627bf804edb2ae69c3633222d9a1e23583d1c6f810a81188b | Triage

Sharing

General

Target

Discord token grabber.rar
Size

8.8MB
Sample

220424-vfpx5shfh2
MD5

89bc85f77b59ddbad8be4b989df3bbff
SHA1

0dc2ad34675bf5e73353187de2aea387b00638f8
SHA256

8da3f5cb51b6957627bf804edb2ae69c3633222d9a1e23583d1c6f810a81188b
SHA512

a7dd866e8f854d834f129d1889116c51d8b9a864bb48165625d87d49fd019154532f0d3576ff6f89bf1a0fcb094bad7db32a57e6b7741e955bd71fc46bfa0d6e

Score

10^/10

njrat hacked by hidden person

Malware Config

Extracted

Family

njrat

Botnet

Hacked By HiDDen PerSOn

Mutex

b238f740560279557e7f122983c7ba65

Attributes

reg_key
b238f740560279557e7f122983c7ba65

Targets

- Target
  
  Discord token grabber/TokenPuller V.3.1 (setup) - by hokyz.exe
- Size
  
  30.1MB
- MD5
  
  ba32786e2bcde7e3d648e3fb7eb9e29c
- SHA1
  
  298561178fea0eda9cdbf59f93928b74b475dea9
- SHA256
  
  0d8833793a712d4af7c832fbbb70dd171d15de09e5f472fa351294eba746baa1
- SHA512
  
  e8ec4f2ce32cc583ec2365702ffd0998e57d5212263196e96bb2e3f5b13353f483fc347671dc7c13fa8d9b3f195beec1956ed0fc1b45b87acd7efa103956f54f
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

hacked by hidden personnjrat

behavioral1

behavioral2