njrat | 34a26cda7f0251648bbc5c791ff2e27eb66162463bdc73799a9afe05d53f7ae2 | Triage

Sharing

General

Target

bDJV.exe
Size

23KB
Sample

220728-bhvfvsfag2
MD5

495b1cad7d009024ca97d9d508f66e21
SHA1

0934b0aa893374169df0bf46edf03ee15239b8d6
SHA256

34a26cda7f0251648bbc5c791ff2e27eb66162463bdc73799a9afe05d53f7ae2
SHA512

b9d061b16f4178138af4e4a3f1930132bd256bbfc8ae4c2e2c039d7a2d2b229801cc3effd45c3fd5bf1300642d5839dae4c6f1405b06aa7c8adee32df0f621d4

Score

10^/10

njrat hacked evasion trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

gamezer1hack.sytes.net:19822

Mutex

840e5d1977d82164f895299dc55d655d

Attributes

reg_key
840e5d1977d82164f895299dc55d655d
splitter
|'|'|

Targets

- Target
  
  bDJV.exe
- Size
  
  23KB
- MD5
  
  495b1cad7d009024ca97d9d508f66e21
- SHA1
  
  0934b0aa893374169df0bf46edf03ee15239b8d6
- SHA256
  
  34a26cda7f0251648bbc5c791ff2e27eb66162463bdc73799a9afe05d53f7ae2
- SHA512
  
  b9d061b16f4178138af4e4a3f1930132bd256bbfc8ae4c2e2c039d7a2d2b229801cc3effd45c3fd5bf1300642d5839dae4c6f1405b06aa7c8adee32df0f621d4
Score

10^/10

evasion njrat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

njratevasiontrojan