Overview

overview

10

Static

static

10

5c6c81eeed...01.exe

windows7-x64

8

5c6c81eeed...01.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5c6c81eeedd781de8fbf1805100b27da416cb6ffeda61a9e6068bd413aaff901

  • Size

    23KB

  • Sample

    220801-r1d5lahda6

  • MD5

    0a6313f82def3972901d2653ea69529d

  • SHA1

    2a5d8417f4a32ae0f36ce014f6024fb661439210

  • SHA256

    5c6c81eeedd781de8fbf1805100b27da416cb6ffeda61a9e6068bd413aaff901

  • SHA512

    f66093a9d3d9e0e7f0d027aec5e37052adc8588415e758196b4a982e75746225a0451a4f357629794656afb3b5d1b3751fb99a85af01d0c41b09981450aa37ae

Score
10/10
njrathackedevasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

127.0.0.1:789

Mutex

018af7de9673644d23451473d09bedbd

Attributes
  • reg_key

    018af7de9673644d23451473d09bedbd

  • splitter

    |'|'|

Targets

    • Target

      5c6c81eeedd781de8fbf1805100b27da416cb6ffeda61a9e6068bd413aaff901

    • Size

      23KB

    • MD5

      0a6313f82def3972901d2653ea69529d

    • SHA1

      2a5d8417f4a32ae0f36ce014f6024fb661439210

    • SHA256

      5c6c81eeedd781de8fbf1805100b27da416cb6ffeda61a9e6068bd413aaff901

    • SHA512

      f66093a9d3d9e0e7f0d027aec5e37052adc8588415e758196b4a982e75746225a0451a4f357629794656afb3b5d1b3751fb99a85af01d0c41b09981450aa37ae

    Score
    10/10
    evasionnjrattrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks