Overview

overview

10

Static

static

10

55fa513f58...e6.exe

windows7-x64

8

55fa513f58...e6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    55fa513f585b426b8ffedd0f9a2f02dcf66ca7d4476111306ccca9151becbbe6

  • Size

    23KB

  • Sample

    220725-gzzpssacen

  • MD5

    eac054b970f4ae77ae5e2d88de8576ec

  • SHA1

    577ade9091355668202d31282005b92621ea38a5

  • SHA256

    55fa513f585b426b8ffedd0f9a2f02dcf66ca7d4476111306ccca9151becbbe6

  • SHA512

    fa2129e5911c15151cec78c2860b594467b81dc537bcdeb8d689aa480ff845485129f7066ad97e6a4af50361b3931db2ab26986fdcc8b88b25c1ab78c4fc5c92

Score
10/10
njrathackedevasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

127.0.0.1:1177

Mutex

f91c3dd57079c600d01f271f9c7568a0

Attributes
  • reg_key

    f91c3dd57079c600d01f271f9c7568a0

  • splitter

    |'|'|

Targets

    • Target

      55fa513f585b426b8ffedd0f9a2f02dcf66ca7d4476111306ccca9151becbbe6

    • Size

      23KB

    • MD5

      eac054b970f4ae77ae5e2d88de8576ec

    • SHA1

      577ade9091355668202d31282005b92621ea38a5

    • SHA256

      55fa513f585b426b8ffedd0f9a2f02dcf66ca7d4476111306ccca9151becbbe6

    • SHA512

      fa2129e5911c15151cec78c2860b594467b81dc537bcdeb8d689aa480ff845485129f7066ad97e6a4af50361b3931db2ab26986fdcc8b88b25c1ab78c4fc5c92

    Score
    10/10
    evasionnjrattrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks