Overview

overview

10

Static

static

10

0a7771c3fa...f1.exe

windows7_x64

8

0a7771c3fa...f1.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0a7771c3fa52135bbffc39adf7b4ebedc8146975899e3e1415363e03e4a0a1f1

  • Size

    32KB

  • Sample

    220630-vtvqjsdfbj

  • MD5

    8d5254a23a84c2ecde9072c61528fe78

  • SHA1

    30f70b9aaa7dff3daccdf055ad3e98ad20039c7e

  • SHA256

    0a7771c3fa52135bbffc39adf7b4ebedc8146975899e3e1415363e03e4a0a1f1

  • SHA512

    af9d67aa85e33b30621a6d2b35c0c4a6dc74dedafa6e0073225547282df1487451cd119b787fde521902ff63fd0a5b13de958c3773f1b8e8ef5bf38f30cefcfa

Score
10/10
njratlolevasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

lol

C2

127.0.0.1:1604

Mutex

0fce03a1d05d34f57e9a21698e1e32f6

Attributes
  • reg_key

    0fce03a1d05d34f57e9a21698e1e32f6

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      0a7771c3fa52135bbffc39adf7b4ebedc8146975899e3e1415363e03e4a0a1f1

    • Size

      32KB

    • MD5

      8d5254a23a84c2ecde9072c61528fe78

    • SHA1

      30f70b9aaa7dff3daccdf055ad3e98ad20039c7e

    • SHA256

      0a7771c3fa52135bbffc39adf7b4ebedc8146975899e3e1415363e03e4a0a1f1

    • SHA512

      af9d67aa85e33b30621a6d2b35c0c4a6dc74dedafa6e0073225547282df1487451cd119b787fde521902ff63fd0a5b13de958c3773f1b8e8ef5bf38f30cefcfa

    Score
    10/10
    evasionnjrattrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks