Overview

overview

10

Static

static

10

2bf0f63822...66.exe

windows7_x64

8

2bf0f63822...66.exe

windows10-2004_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2bf0f638224e306a99420932175be8bcd8ac26311a964d65c385cc7915689666

  • Size

    301KB

  • Sample

    220524-tccmzacdaj

  • MD5

    5e04a9f2d48e007fc7ee5e06fb7a3613

  • SHA1

    e3123b48a526b357d773b606916eaeedaf7ee437

  • SHA256

    2bf0f638224e306a99420932175be8bcd8ac26311a964d65c385cc7915689666

  • SHA512

    0bfb8f050727c5a651a56b7dc6131412dc940252aa115c9adc6ee9462a5ef9e8acdb03617b0d6110d6fe6fcda5214310f9f496d8f78821455e2f457a80a5af14

Score
10/10
njrathacked evasion

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

127.0.0.1:5552

Mutex

Windows Update

Attributes
  • reg_key

    Windows Update

  • splitter

    |'|'|

Targets

    • Target

      2bf0f638224e306a99420932175be8bcd8ac26311a964d65c385cc7915689666

    • Size

      301KB

    • MD5

      5e04a9f2d48e007fc7ee5e06fb7a3613

    • SHA1

      e3123b48a526b357d773b606916eaeedaf7ee437

    • SHA256

      2bf0f638224e306a99420932175be8bcd8ac26311a964d65c385cc7915689666

    • SHA512

      0bfb8f050727c5a651a56b7dc6131412dc940252aa115c9adc6ee9462a5ef9e8acdb03617b0d6110d6fe6fcda5214310f9f496d8f78821455e2f457a80a5af14

    Score
    8/10
    evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks