njrat | 0095782ed10cdb7c4a28abb64d33a8198dd140a4f2d009f257b23082b18a31ad | Triage

Sharing

General

Target

0095782ed10cdb7c4a28abb64d33a8198dd140a4f2d009f257b23082b18a31ad
Size

37KB
Sample

220520-fbn3qaadg2
MD5

0fb6a481f0817c83932e5412c287cfb5
SHA1

e46b34896ea4daf2121ccbf95312e08b47b94cbf
SHA256

0095782ed10cdb7c4a28abb64d33a8198dd140a4f2d009f257b23082b18a31ad
SHA512

ceb7517680c3a6d516089350e0ccdba34ece483ad2cd2c61c6e2116d021b4114caff477794740dfac61ec09f48af85ddfb90e0a217ad7d67b6402c83513004fa

Score

10^/10

njrat hacked evasion

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

jgjg.hopto.org:13156

Mutex

d26855c7f566e12603501ded24020d36

Attributes

reg_key
d26855c7f566e12603501ded24020d36
splitter
|'|'|

Targets

- Target
  
  0095782ed10cdb7c4a28abb64d33a8198dd140a4f2d009f257b23082b18a31ad
- Size
  
  37KB
- MD5
  
  0fb6a481f0817c83932e5412c287cfb5
- SHA1
  
  e46b34896ea4daf2121ccbf95312e08b47b94cbf
- SHA256
  
  0095782ed10cdb7c4a28abb64d33a8198dd140a4f2d009f257b23082b18a31ad
- SHA512
  
  ceb7517680c3a6d516089350e0ccdba34ece483ad2cd2c61c6e2116d021b4114caff477794740dfac61ec09f48af85ddfb90e0a217ad7d67b6402c83513004fa
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2