njrat | 32b2120f490ba492d2cfa4673afcbbb2c1dd9b40a6605d6016f19d81faf661db | Triage

Sharing

General

Target

32b2120f490ba492d2cfa4673afcbbb2c1dd9b40a6605d6016f19d81faf661db
Size

37KB
Sample

220520-e77dhadabk
MD5

3614afdba86240954c0ac3323adc8ac3
SHA1

a595292f0c62494f04a94833a381c865edaaac3d
SHA256

32b2120f490ba492d2cfa4673afcbbb2c1dd9b40a6605d6016f19d81faf661db
SHA512

6ff1783e5e3258226cbf40179a946b869a5ce20f6e6def383732f901960aae031764e02cf961693712ff4141d49532373663df97bcf689c362b72ca5e08bf19c

Score

10^/10

njrat hacked evasion

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

nikita22811.ddns.net:4142

Mutex

6283acb16a134e6273566166330121e9

Attributes

reg_key
6283acb16a134e6273566166330121e9
splitter
|'|'|

Targets

- Target
  
  32b2120f490ba492d2cfa4673afcbbb2c1dd9b40a6605d6016f19d81faf661db
- Size
  
  37KB
- MD5
  
  3614afdba86240954c0ac3323adc8ac3
- SHA1
  
  a595292f0c62494f04a94833a381c865edaaac3d
- SHA256
  
  32b2120f490ba492d2cfa4673afcbbb2c1dd9b40a6605d6016f19d81faf661db
- SHA512
  
  6ff1783e5e3258226cbf40179a946b869a5ce20f6e6def383732f901960aae031764e02cf961693712ff4141d49532373663df97bcf689c362b72ca5e08bf19c
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2