Overview

overview

10

Static

static

10

a9ac0c55b8...ee.exe

windows7-x64

8

a9ac0c55b8...ee.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a9ac0c55b838d0f7cf2f489911a71dca70270970d21c5de2c9d871656644e6ee

  • Size

    23KB

  • Sample

    220731-hwaryaegaj

  • MD5

    dd9089cb883348bd95aaac1bd002f0cf

  • SHA1

    ec126ecd96beb4b1f2b9020ec082f091c28643eb

  • SHA256

    a9ac0c55b838d0f7cf2f489911a71dca70270970d21c5de2c9d871656644e6ee

  • SHA512

    6255adf8fbf7617a01ffa272426927653be65cfcc2353da5f3021b877c57bd58855cc353dd7aad731a18b5542135079b0b19b284b8644be4fa574825cb4de754

Score
10/10
njrathackedevasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

127.0.0.1:4444

Mutex

7588a88a3cf5322524fb2d80e7679a74

Attributes
  • reg_key

    7588a88a3cf5322524fb2d80e7679a74

  • splitter

    |'|'|

Targets

    • Target

      a9ac0c55b838d0f7cf2f489911a71dca70270970d21c5de2c9d871656644e6ee

    • Size

      23KB

    • MD5

      dd9089cb883348bd95aaac1bd002f0cf

    • SHA1

      ec126ecd96beb4b1f2b9020ec082f091c28643eb

    • SHA256

      a9ac0c55b838d0f7cf2f489911a71dca70270970d21c5de2c9d871656644e6ee

    • SHA512

      6255adf8fbf7617a01ffa272426927653be65cfcc2353da5f3021b877c57bd58855cc353dd7aad731a18b5542135079b0b19b284b8644be4fa574825cb4de754

    Score
    10/10
    evasionnjrattrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks