Overview

overview

10

Static

static

10

438b2b10c0...08.exe

windows7_x64

8

438b2b10c0...08.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    438b2b10c0fd5c5f74d77d8cf21e62e7294461a4d7cad220a600bc899b01af08

  • Size

    23KB

  • Sample

    220707-2hbxmaegdr

  • MD5

    4d8c1c0bee0ab2ac964f3793c2fd2499

  • SHA1

    3c7c8c87738cd2223e03d9a88d4a6be573d68c90

  • SHA256

    438b2b10c0fd5c5f74d77d8cf21e62e7294461a4d7cad220a600bc899b01af08

  • SHA512

    d21685deb2e3bd1652d0ce4ffd9b195870bf9730ad9c55cef8ce1aef70c6d0fda62a221cddafffce847333d43a34b7e2f19c3ef21229afc6f61072fa9065c1b6

Score
10/10
njrathackedevasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

60.48.39.240:1144

Mutex

1fa22751ae3e5dc556d74a435720f875

Attributes
  • reg_key

    1fa22751ae3e5dc556d74a435720f875

  • splitter

    |'|'|

Targets

    • Target

      438b2b10c0fd5c5f74d77d8cf21e62e7294461a4d7cad220a600bc899b01af08

    • Size

      23KB

    • MD5

      4d8c1c0bee0ab2ac964f3793c2fd2499

    • SHA1

      3c7c8c87738cd2223e03d9a88d4a6be573d68c90

    • SHA256

      438b2b10c0fd5c5f74d77d8cf21e62e7294461a4d7cad220a600bc899b01af08

    • SHA512

      d21685deb2e3bd1652d0ce4ffd9b195870bf9730ad9c55cef8ce1aef70c6d0fda62a221cddafffce847333d43a34b7e2f19c3ef21229afc6f61072fa9065c1b6

    Score
    10/10
    evasionnjrattrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks