njrat | 102433280499b88a7eddf24fa6d8a57b7374aa37c784f46de61c10f60e330119 | Triage

Sharing

General

Target

102433280499b88a7eddf24fa6d8a57b7374aa37c784f46de61c10f60e330119
Size

37KB
Sample

220625-j8zghafah5
MD5

f1512c7e85ed65a6fbcc23333b076fca
SHA1

ed1208bbf8a0f5b7647c9b126aea80edb4cfd398
SHA256

102433280499b88a7eddf24fa6d8a57b7374aa37c784f46de61c10f60e330119
SHA512

8991cf8a4761ee5d1163749a974d7ad0ded46f118278166e8d4501d198715ff696e336cf03778d683344b7e58101433b85bb8976c9791c5e066a1445eefba193

Score

10^/10

njrat loshara evasion

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

LoShArA

C2

213.231.11.194:5552

Mutex

9ddc325f2d36388cb74679cfd55e6ae4

Attributes

reg_key
9ddc325f2d36388cb74679cfd55e6ae4
splitter
|'|'|

Targets

- Target
  
  102433280499b88a7eddf24fa6d8a57b7374aa37c784f46de61c10f60e330119
- Size
  
  37KB
- MD5
  
  f1512c7e85ed65a6fbcc23333b076fca
- SHA1
  
  ed1208bbf8a0f5b7647c9b126aea80edb4cfd398
- SHA256
  
  102433280499b88a7eddf24fa6d8a57b7374aa37c784f46de61c10f60e330119
- SHA512
  
  8991cf8a4761ee5d1163749a974d7ad0ded46f118278166e8d4501d198715ff696e336cf03778d683344b7e58101433b85bb8976c9791c5e066a1445eefba193
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2