Overview

overview

10

Static

static

10

f3fc789221...7c.exe

windows7_x64

8

f3fc789221...7c.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f3fc78922144112105dd5b0bd4acd45d8723662e1960a14cf976edafa5cfbd7c

  • Size

    31KB

  • Sample

    220520-2ytglsbbgr

  • MD5

    cf856b0a8e9f53a5e94eb2c87865b61e

  • SHA1

    6278a094d00c2fc2a11d7064881789635b29fe64

  • SHA256

    f3fc78922144112105dd5b0bd4acd45d8723662e1960a14cf976edafa5cfbd7c

  • SHA512

    a813a28f195ea32003a3b23289dbf6cba44d4fb9d2700415155b2f42dcb0469d5ffda85047502b465592a87d28a2b0c7fb1ee9eefd2b97e85c35325342d19aae

Score
10/10
njratmybotevasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

C2

hjcnbr12.ddns.net:9897

Mutex

12ebff1e35adfb27442078d4ffad286a

Attributes
  • reg_key

    12ebff1e35adfb27442078d4ffad286a

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      f3fc78922144112105dd5b0bd4acd45d8723662e1960a14cf976edafa5cfbd7c

    • Size

      31KB

    • MD5

      cf856b0a8e9f53a5e94eb2c87865b61e

    • SHA1

      6278a094d00c2fc2a11d7064881789635b29fe64

    • SHA256

      f3fc78922144112105dd5b0bd4acd45d8723662e1960a14cf976edafa5cfbd7c

    • SHA512

      a813a28f195ea32003a3b23289dbf6cba44d4fb9d2700415155b2f42dcb0469d5ffda85047502b465592a87d28a2b0c7fb1ee9eefd2b97e85c35325342d19aae

    Score
    10/10
    evasionnjrattrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks