njrat | cb12622d732ac35c5c3aecda807eae56d19586c0aadb72f9fbbcfbccf5ba5675 | Triage

Sharing

General

Target

cb12622d732ac35c5c3aecda807eae56d19586c0aadb72f9fbbcfbccf5ba5675
Size

93KB
Sample

220520-wzwqgaegfm
MD5

837ee2033f3b15202370072989665ebe
SHA1

b9911c786d6e2a282709d77547ffefffee0995b4
SHA256

cb12622d732ac35c5c3aecda807eae56d19586c0aadb72f9fbbcfbccf5ba5675
SHA512

b9c7405144c7e29d46cefdb79a46338b014bf636613a5c42a9e976cbf382ba6bdec81b6e07e35b898353fe1949afa17254163212a97ff57909da3b54e365e67c

Score

10^/10

njrat hacked evasion

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

FRANSESCOTI3LjAuFRANSESCOC4x:NTU1Mg==

Mutex

90cdc4299e3838b5249c33e1c7a2dd25

Attributes

reg_key
90cdc4299e3838b5249c33e1c7a2dd25
splitter
|'|'|

Targets

- Target
  
  cb12622d732ac35c5c3aecda807eae56d19586c0aadb72f9fbbcfbccf5ba5675
- Size
  
  93KB
- MD5
  
  837ee2033f3b15202370072989665ebe
- SHA1
  
  b9911c786d6e2a282709d77547ffefffee0995b4
- SHA256
  
  cb12622d732ac35c5c3aecda807eae56d19586c0aadb72f9fbbcfbccf5ba5675
- SHA512
  
  b9c7405144c7e29d46cefdb79a46338b014bf636613a5c42a9e976cbf382ba6bdec81b6e07e35b898353fe1949afa17254163212a97ff57909da3b54e365e67c
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2