Overview

overview

10

Static

static

10

715beb1d11...90.exe

windows7_x64

8

715beb1d11...90.exe

windows10-2004_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    715beb1d116227aba12a22b26060f5f2000e7868e73d05c0b43c0c3d56d7a690

  • Size

    93KB

  • Sample

    220520-e24enahhe2

  • MD5

    d6d226bf39de6870d7136c5a96ebc001

  • SHA1

    c30c3543bd5a56625021090fdca005e4c395e6a9

  • SHA256

    715beb1d116227aba12a22b26060f5f2000e7868e73d05c0b43c0c3d56d7a690

  • SHA512

    715d1144271395147eef64e7d528c5a0a174a4d5f5e253f2b9ee90f5d7a841919b143dd7b3deb7a173f832a61e064c4df53a8a424d899e95f8b3c466d27935ed

Score
10/10
njrathackedevasion

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

FRANSESCOi50Y3Aubmdyb2suaW8Strik:MTIyNTI=

Mutex

b8172dd7e57195f1cccda21c754bb240

Attributes
  • reg_key

    b8172dd7e57195f1cccda21c754bb240

  • splitter

    |'|'|

Targets

    • Target

      715beb1d116227aba12a22b26060f5f2000e7868e73d05c0b43c0c3d56d7a690

    • Size

      93KB

    • MD5

      d6d226bf39de6870d7136c5a96ebc001

    • SHA1

      c30c3543bd5a56625021090fdca005e4c395e6a9

    • SHA256

      715beb1d116227aba12a22b26060f5f2000e7868e73d05c0b43c0c3d56d7a690

    • SHA512

      715d1144271395147eef64e7d528c5a0a174a4d5f5e253f2b9ee90f5d7a841919b143dd7b3deb7a173f832a61e064c4df53a8a424d899e95f8b3c466d27935ed

    Score
    8/10
    evasion

    • Modifies Windows Firewall

      evasion

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks