Overview

overview

10

Static

static

10

589a9ee499...0f.exe

windows7_x64

10

589a9ee499...0f.exe

windows10-2004_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    589a9ee4991d935971bf6f5bad94a527f3b7eeb3e6f3fe469446a7e21246950f

  • Size

    37KB

  • Sample

    220520-e5dcmsaae8

  • MD5

    6d9ad1b00cd165a29db6015612b4c737

  • SHA1

    7b68c3e9cdf360845720b7216d508a88c6325447

  • SHA256

    589a9ee4991d935971bf6f5bad94a527f3b7eeb3e6f3fe469446a7e21246950f

  • SHA512

    30ecbb2e9973886c2b700ee362e19aba31e5c7b0288a4425d6b3134c8f36892658ede89cedb53b52e4dd334946a18639eab5e082eefd1ff002c92b956da89bd6

Score
10/10
njrathackedtrojan

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

5.1.49.49:25565

Mutex

1c2835cd073b6f871295750eb3281f85

Attributes
  • reg_key

    1c2835cd073b6f871295750eb3281f85

  • splitter

    |'|'|

Targets

    • Target

      589a9ee4991d935971bf6f5bad94a527f3b7eeb3e6f3fe469446a7e21246950f

    • Size

      37KB

    • MD5

      6d9ad1b00cd165a29db6015612b4c737

    • SHA1

      7b68c3e9cdf360845720b7216d508a88c6325447

    • SHA256

      589a9ee4991d935971bf6f5bad94a527f3b7eeb3e6f3fe469446a7e21246950f

    • SHA512

      30ecbb2e9973886c2b700ee362e19aba31e5c7b0288a4425d6b3134c8f36892658ede89cedb53b52e4dd334946a18639eab5e082eefd1ff002c92b956da89bd6

    Score
    10/10
    njrathackedtrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks