njrat | 8f848297450089c640ab92e03c7b91a75088b976640c1d20d1051f2dd0a60e8f | Triage

Sharing

General

Target

bCC7.exe
Size

36KB
Sample

220713-z9k89sbafq
MD5

07738b9b4d98459bcf1d402cab708de3
SHA1

43aa7465e344bd7ba08fa19d91d9fd50fdf90c0f
SHA256

8f848297450089c640ab92e03c7b91a75088b976640c1d20d1051f2dd0a60e8f
SHA512

65e651245835a72f3d868545301ba4e973b34d34a1385634f0ada34748b597231a1b5f4a68bf224d6ae5c17c57462faac2c0d0fb161ac198e257b1677a3ac8fd

Score

10^/10

njrat hacked suricata

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

https://pastebin.com/raw/adYPzmYQ:5552

Mutex

6a2634340fbf8a0a2c038c6263d49fd1

Attributes

reg_key
6a2634340fbf8a0a2c038c6263d49fd1
splitter
|'|'|

Targets

- Target
  
  bCC7.exe
- Size
  
  36KB
- MD5
  
  07738b9b4d98459bcf1d402cab708de3
- SHA1
  
  43aa7465e344bd7ba08fa19d91d9fd50fdf90c0f
- SHA256
  
  8f848297450089c640ab92e03c7b91a75088b976640c1d20d1051f2dd0a60e8f
- SHA512
  
  65e651245835a72f3d868545301ba4e973b34d34a1385634f0ada34748b597231a1b5f4a68bf224d6ae5c17c57462faac2c0d0fb161ac198e257b1677a3ac8fd
Score

10^/10

suricata
- suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
  suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
  suricata
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2