njrat | 2236a34c715e3c1a901a568fc44c8a4a3b8f7a0acee7d17eae7b386dd9f41aa2 | Triage

Sharing

General

Target

2236a34c715e3c1a901a568fc44c8a4a3b8f7a0acee7d17eae7b386dd9f41aa2
Size

25KB
Sample

220520-wzb13abgg2
MD5

b643e854869ce64b307f9ce421eeee7b
SHA1

b3925d9b96de5b093be8fcaefc2dc5e0392dc84f
SHA256

2236a34c715e3c1a901a568fc44c8a4a3b8f7a0acee7d17eae7b386dd9f41aa2
SHA512

80b9e8c6fedba284a1bfa350ed9fe7638397c0a47e537831cf9606529a5271f272eefec9f507f434ed1c4e24a5771e3faad43ad65ce55f2ceb35a0878cca5afe

Score

10^/10

njrat hacked trojan

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

37.78.180.49:27017

Mutex

Windows Update

Attributes

reg_key
Windows Update
splitter
|Hassan|

Targets

- Target
  
  2236a34c715e3c1a901a568fc44c8a4a3b8f7a0acee7d17eae7b386dd9f41aa2
- Size
  
  25KB
- MD5
  
  b643e854869ce64b307f9ce421eeee7b
- SHA1
  
  b3925d9b96de5b093be8fcaefc2dc5e0392dc84f
- SHA256
  
  2236a34c715e3c1a901a568fc44c8a4a3b8f7a0acee7d17eae7b386dd9f41aa2
- SHA512
  
  80b9e8c6fedba284a1bfa350ed9fe7638397c0a47e537831cf9606529a5271f272eefec9f507f434ed1c4e24a5771e3faad43ad65ce55f2ceb35a0878cca5afe
Score

10^/10

njrat hacked trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

njrathackedtrojan

behavioral2