Overview

overview

10

Static

static

10

bDQd.exe

windows7-x64

6

bDQd.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bDQd.exe

  • Size

    36KB

  • Sample

    220801-hx8eladgh4

  • MD5

    6f8ae0fa7afb481377525de948f46777

  • SHA1

    799d2fe5bb7cccaec92dbfe923b1a41ab291106f

  • SHA256

    33e72e009b8ce9ea7e92ed0663f7b37249968c684a92005186e7933716a37a8d

  • SHA512

    487cc5da215195d3df6956cb677b5051d49f1c5b6789f87c57563ee5c1a049216e1e6ac35eda8b8eb136be574327218bf381a065ae59d59d25b9e259146bbb06

Score
10/10
njrathacked

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

https://pastebin.com/raw/3MX23iHQ:5502

Mutex

6a2634340fbf8a0a2c038c6263d49fd1

Attributes
  • reg_key

    6a2634340fbf8a0a2c038c6263d49fd1

  • splitter

    |'|'|

Targets

    • Target

      bDQd.exe

    • Size

      36KB

    • MD5

      6f8ae0fa7afb481377525de948f46777

    • SHA1

      799d2fe5bb7cccaec92dbfe923b1a41ab291106f

    • SHA256

      33e72e009b8ce9ea7e92ed0663f7b37249968c684a92005186e7933716a37a8d

    • SHA512

      487cc5da215195d3df6956cb677b5051d49f1c5b6789f87c57563ee5c1a049216e1e6ac35eda8b8eb136be574327218bf381a065ae59d59d25b9e259146bbb06

    Score
    6/10

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks