njrat | 4c1de93f807f3a741232c09a85166ab57e64e30ce55c9fe8024844c5703a4b69 | Triage

Sharing

General

Target

bCP7.exe
Size

36KB
Sample

220713-1ba63seah7
MD5

a0586805dd635f87ce4010268c3f6106
SHA1

f8eedcf01d7de17e3dbb0097f6d280465c889724
SHA256

4c1de93f807f3a741232c09a85166ab57e64e30ce55c9fe8024844c5703a4b69
SHA512

5f069806ed7fa04d6dcfb281edff1ef1418e21a9748148baf00302c61ee8328f4a38f0a5693d4d5c5593aca84dead15102c94724e6fc93df9ed7d9bbf32f92f6

Score

10^/10

njrat hacked

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

https://pastebin.com/raw/ikSEPJjf:5552

Mutex

6a2634340fbf8a0a2c038c6263d49fd1

Attributes

reg_key
6a2634340fbf8a0a2c038c6263d49fd1
splitter
|'|'|

Targets

- Target
  
  bCP7.exe
- Size
  
  36KB
- MD5
  
  a0586805dd635f87ce4010268c3f6106
- SHA1
  
  f8eedcf01d7de17e3dbb0097f6d280465c889724
- SHA256
  
  4c1de93f807f3a741232c09a85166ab57e64e30ce55c9fe8024844c5703a4b69
- SHA512
  
  5f069806ed7fa04d6dcfb281edff1ef1418e21a9748148baf00302c61ee8328f4a38f0a5693d4d5c5593aca84dead15102c94724e6fc93df9ed7d9bbf32f92f6
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2