njrat | d143e8e7f7bd7b5761bb4657f5feccb7049c362728e6d30197c5089b2898d6dc | Triage

Sharing

General

Target

d143e8e7f7bd7b5761bb4657f5feccb7049c362728e6d30197c5089b2898d6dc
Size

93KB
Sample

220520-1d6e1adgf2
MD5

41899bf2fbd18a2f86758eaf9c5a9c7c
SHA1

55fb04b65fcb6c95e8d4bce1bd16ef2c7ccb55b4
SHA256

d143e8e7f7bd7b5761bb4657f5feccb7049c362728e6d30197c5089b2898d6dc
SHA512

50f9bc2937430d82b189d240191bd13c882c086f67e95b9fe33e57bd8f14e3562ca72019681c36c284b73dd3338d22bab7d150c2d976837154363112e09d3279

Score

10^/10

njrat hacked evasion

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

FRANSESCOTI3LjAuFRANSESCOC4x:MTYwNA==

Mutex

099fbeb3abca38143cb947d1121af1c3

Attributes

reg_key
099fbeb3abca38143cb947d1121af1c3
splitter
|'|'|

Targets

- Target
  
  d143e8e7f7bd7b5761bb4657f5feccb7049c362728e6d30197c5089b2898d6dc
- Size
  
  93KB
- MD5
  
  41899bf2fbd18a2f86758eaf9c5a9c7c
- SHA1
  
  55fb04b65fcb6c95e8d4bce1bd16ef2c7ccb55b4
- SHA256
  
  d143e8e7f7bd7b5761bb4657f5feccb7049c362728e6d30197c5089b2898d6dc
- SHA512
  
  50f9bc2937430d82b189d240191bd13c882c086f67e95b9fe33e57bd8f14e3562ca72019681c36c284b73dd3338d22bab7d150c2d976837154363112e09d3279
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2