General

  • Target

    b96d0b747d9ada9349495efee61d8c04beccc4bb7c3ab5ea794a5b0dffd9a5bb

  • Size

    25KB

  • Sample

    220520-wts3dsefbq

  • MD5

    61d42a9ef8ab1ae1f90f79ee3f41d7cd

  • SHA1

    9a52b27d80a084e5b69207e97337c36d03ea5b70

  • SHA256

    b96d0b747d9ada9349495efee61d8c04beccc4bb7c3ab5ea794a5b0dffd9a5bb

  • SHA512

    f821d61060ae63d471cc37e04725265424dad82da64dc6b575dbb3c498d461e6fd56cc4243b58b0e5462b4d545baf09c26d1276050bde870a514ddffce3daeac

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

0.tcp.ngrok.io:17307

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |Hassan|

Targets

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

