njrat | 0ead8a0674be12cf005dd76c4f7376013f60ab99a382919f5b05133c0c079070 | Triage

Sharing

General

Target

0ead8a0674be12cf005dd76c4f7376013f60ab99a382919f5b05133c0c079070
Size

32KB
Sample

220524-dh42eaddc5
MD5

08c781e6a88e533728e04e3d88aa546d
SHA1

29c30061a64e5e8e670e66eb03c8477e628917ea
SHA256

0ead8a0674be12cf005dd76c4f7376013f60ab99a382919f5b05133c0c079070
SHA512

cca2e142694d55e89501caa9b05aa1f571d9e02b8e77beca63cf0c5f389fc614497e513d7569cf24b671857fb08bfed10609fdbb78790ec55e8b801b72c1bfa6

Score

10^/10

njrat hacked by hidden person evasion trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Hacked By HiDDen PerSOn

C2

127.0.0.1:1333

Mutex

e8694149fc14413b9cfc800071f7a16a

Attributes

reg_key
e8694149fc14413b9cfc800071f7a16a
splitter
|'|'|

Targets

- Target
  
  0ead8a0674be12cf005dd76c4f7376013f60ab99a382919f5b05133c0c079070
- Size
  
  32KB
- MD5
  
  08c781e6a88e533728e04e3d88aa546d
- SHA1
  
  29c30061a64e5e8e670e66eb03c8477e628917ea
- SHA256
  
  0ead8a0674be12cf005dd76c4f7376013f60ab99a382919f5b05133c0c079070
- SHA512
  
  cca2e142694d55e89501caa9b05aa1f571d9e02b8e77beca63cf0c5f389fc614497e513d7569cf24b671857fb08bfed10609fdbb78790ec55e8b801b72c1bfa6
Score

10^/10

evasion njrat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

hacked by hidden personnjrat

behavioral1

behavioral2

njratevasiontrojan