njrat | 1b52abbe00fa6500047c90d0a91917bf52bbb991659645bc91973278ebf4f7e2 | Triage

Sharing

General

Target

1b52abbe00fa6500047c90d0a91917bf52bbb991659645bc91973278ebf4f7e2
Size

93KB
Sample

220520-faegwsada6
MD5

3334c7abc97f14d7534f9016c5ed8860
SHA1

54a81f9d2d2a5efed4c2ba3f4948960ba399ce80
SHA256

1b52abbe00fa6500047c90d0a91917bf52bbb991659645bc91973278ebf4f7e2
SHA512

64d8119395bece39f3869b6b488a5256f99f30605cc1ddf6ae44fb99aa30084028b2cb1da0ad20296bbdf5797625d9348238554d0d77087d3112be7eab6f0ff0

Score

10^/10

njrat hacked evasion

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

FRANSESCOTI3LjAuFRANSESCOC4x:NTU1Mg==

Mutex

90cdc4299e3838b5249c33e1c7a2dd25

Attributes

reg_key
90cdc4299e3838b5249c33e1c7a2dd25
splitter
|'|'|

Targets

- Target
  
  1b52abbe00fa6500047c90d0a91917bf52bbb991659645bc91973278ebf4f7e2
- Size
  
  93KB
- MD5
  
  3334c7abc97f14d7534f9016c5ed8860
- SHA1
  
  54a81f9d2d2a5efed4c2ba3f4948960ba399ce80
- SHA256
  
  1b52abbe00fa6500047c90d0a91917bf52bbb991659645bc91973278ebf4f7e2
- SHA512
  
  64d8119395bece39f3869b6b488a5256f99f30605cc1ddf6ae44fb99aa30084028b2cb1da0ad20296bbdf5797625d9348238554d0d77087d3112be7eab6f0ff0
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2