njrat | 63027d093681f243f42cf00064dc5952bd3d8f2ed3d26a48f5d057a612c92273 | Triage

Sharing

General

Target

63027d093681f243f42cf00064dc5952bd3d8f2ed3d26a48f5d057a612c92273
Size

31KB
Sample

220701-evcy5adde3
MD5

be66486e94874c679f64129b03d24d49
SHA1

8b123a37aa84be63c5c2dc7edde082c546a74447
SHA256

63027d093681f243f42cf00064dc5952bd3d8f2ed3d26a48f5d057a612c92273
SHA512

854c19cf9b3bf831a258c031f11cea0cdda93f3f98930f52f3c2e4f52ebfa6221a5589c3e819502c0a830331d2c5156ca68be71902c5c14f4a006bb34e13222f

Score

10^/10

njrat mybot trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

C2

37.192.18.134:5552

Mutex

e5b67957d32e942db213593a7a20d4bc

Attributes

reg_key
e5b67957d32e942db213593a7a20d4bc
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  63027d093681f243f42cf00064dc5952bd3d8f2ed3d26a48f5d057a612c92273
- Size
  
  31KB
- MD5
  
  be66486e94874c679f64129b03d24d49
- SHA1
  
  8b123a37aa84be63c5c2dc7edde082c546a74447
- SHA256
  
  63027d093681f243f42cf00064dc5952bd3d8f2ed3d26a48f5d057a612c92273
- SHA512
  
  854c19cf9b3bf831a258c031f11cea0cdda93f3f98930f52f3c2e4f52ebfa6221a5589c3e819502c0a830331d2c5156ca68be71902c5c14f4a006bb34e13222f
Score

10^/10

njrat mybot trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

njratmybottrojan

behavioral2