Overview

overview

10

Static

static

10

a5c612b7ea...f1.exe

windows7-x64

8

a5c612b7ea...f1.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a5c612b7ea9bbbe51f3f439646b3621c7a3035a90f981e52acc92b951da6d9f1

  • Size

    23KB

  • Sample

    220725-elzrjadha4

  • MD5

    e91c556cb82eb27389eb98ddcd693391

  • SHA1

    37a8cf145f1e331fb64faf4f7bfe166e00105606

  • SHA256

    a5c612b7ea9bbbe51f3f439646b3621c7a3035a90f981e52acc92b951da6d9f1

  • SHA512

    4ada1e6da078e5b33b407f76ccdbf4f423f77df38aeec556018d536cdf0b3371316bd96c24c65714077f3c0ea996c9b54f0dd22f0a76775c9d703a8887d16cec

Score
10/10
njrathackedevasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

127.0.0.1:1010

Mutex

e93bef7fc287ef3436f4240da328015a

Attributes
  • reg_key

    e93bef7fc287ef3436f4240da328015a

  • splitter

    |'|'|

Targets

    • Target

      a5c612b7ea9bbbe51f3f439646b3621c7a3035a90f981e52acc92b951da6d9f1

    • Size

      23KB

    • MD5

      e91c556cb82eb27389eb98ddcd693391

    • SHA1

      37a8cf145f1e331fb64faf4f7bfe166e00105606

    • SHA256

      a5c612b7ea9bbbe51f3f439646b3621c7a3035a90f981e52acc92b951da6d9f1

    • SHA512

      4ada1e6da078e5b33b407f76ccdbf4f423f77df38aeec556018d536cdf0b3371316bd96c24c65714077f3c0ea996c9b54f0dd22f0a76775c9d703a8887d16cec

    Score
    10/10
    evasionnjrattrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks