njrat | 8cebbfaf09dce741f57ffa81b139d6713a6d2e512614ac98a683aabe5ba7431d | Triage

Sharing

General

Target

8cebbfaf09dce741f57ffa81b139d6713a6d2e512614ac98a683aabe5ba7431d
Size

37KB
Sample

220731-h1za4aead3
MD5

672a3fba476369ff78ca982969dbdef4
SHA1

8e8596805bb406fe0d1d1b658c099ec3444043e4
SHA256

8cebbfaf09dce741f57ffa81b139d6713a6d2e512614ac98a683aabe5ba7431d
SHA512

67fc4ca49c161fcd8954ae71a17308a4158cfc3e4ee965bacaea08a73adb45a57e3a65bab7256922d795b4a729df4f04548306e04a7c38ab2ea7225aef04511a

Score

10^/10

njrat hacked evasion

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

185.209.85.73:9991

Mutex

6a1f5b67614c508fdd84d682fea9eaac

Attributes

reg_key
6a1f5b67614c508fdd84d682fea9eaac
splitter
|'|'|

Targets

- Target
  
  8cebbfaf09dce741f57ffa81b139d6713a6d2e512614ac98a683aabe5ba7431d
- Size
  
  37KB
- MD5
  
  672a3fba476369ff78ca982969dbdef4
- SHA1
  
  8e8596805bb406fe0d1d1b658c099ec3444043e4
- SHA256
  
  8cebbfaf09dce741f57ffa81b139d6713a6d2e512614ac98a683aabe5ba7431d
- SHA512
  
  67fc4ca49c161fcd8954ae71a17308a4158cfc3e4ee965bacaea08a73adb45a57e3a65bab7256922d795b4a729df4f04548306e04a7c38ab2ea7225aef04511a
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2