njrat | acdaabd8958f8da1602e567cfbd014c167454417c3384b0db2dfb6686c42e6b6 | Triage

Sharing

General

Target

bDxb.exe
Size

36KB
Sample

220713-1aqv5seah3
MD5

3e8393d889839487949f851a9a9651e4
SHA1

2efe38929aeb063c8efa0de18d9e3b3616362515
SHA256

acdaabd8958f8da1602e567cfbd014c167454417c3384b0db2dfb6686c42e6b6
SHA512

3002d45aac051376d8fda4ec87f67424de451cd5431e7aecb145a528c28703217b7537618a3f339e09f5d7dd34ae882718446560c07a43d48a061c093c90346e

Score

10^/10

njrat hacked suricata

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

https://pastebin.com/raw/HEFUfAcq:5552

Mutex

6a2634340fbf8a0a2c038c6263d49fd1

Attributes

reg_key
6a2634340fbf8a0a2c038c6263d49fd1
splitter
|'|'|

Targets

- Target
  
  bDxb.exe
- Size
  
  36KB
- MD5
  
  3e8393d889839487949f851a9a9651e4
- SHA1
  
  2efe38929aeb063c8efa0de18d9e3b3616362515
- SHA256
  
  acdaabd8958f8da1602e567cfbd014c167454417c3384b0db2dfb6686c42e6b6
- SHA512
  
  3002d45aac051376d8fda4ec87f67424de451cd5431e7aecb145a528c28703217b7537618a3f339e09f5d7dd34ae882718446560c07a43d48a061c093c90346e
Score

10^/10

suricata
- suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
  suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
  suricata
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2