General

  • Target

    c0b10a8faac5227e6b811fa4db1ccd982f4b35daa8c81d96f38c6a4ad122cf6a

  • Size

    22KB

  • Sample

    220701-hhcz5sgdcn

  • MD5

    52eaeec0e48b126fe991218da14ba3e3

  • SHA1

    cf7406951893a0152d8121e405c7537807f66fd7

  • SHA256

    c0b10a8faac5227e6b811fa4db1ccd982f4b35daa8c81d96f38c6a4ad122cf6a

  • SHA512

    99e461c8127747e0d9f5774824dcc12aa452c9061647c396636bc573eb1103d45176b67d062cd037da2d1d486900c34dc2e90590a09f5aac4fa0fa1938905d2f

Malware Config

Extracted

  • Family

    njrat

  • Version

    0.7d

  • Botnet

    libo

  • C2

    gttr.ddns.net:1177

  • Mutex

    9158ef6ab64a9196a60814c7debd4df2

Attributes
  • reg_key

    9158ef6ab64a9196a60814c7debd4df2

  • splitter

    |'|'|

MITRE ATT&CK Matrix ATT&CK v6

Persistence

  • Modify Existing Service (T1031): 1

  • Registry Run Keys / Startup Folder (T1060): 1

Defense Evasion

  • Modify Registry (T1112): 1
