Overview

overview

10

Static

static

10

bDTn.exe

windows7-x64

7

bDTn.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bDTn.exe

  • Size

    36KB

  • Sample

    220803-ep773sgadq

  • MD5

    f09845a7b617f093887d29554e795081

  • SHA1

    90fe8bd31ed126fd5dcdd292e0054e0a6e2e70d5

  • SHA256

    e10753f08dd4399bfb6de99a86ee12d32aaac6eb6f42da26055a1abc26043650

  • SHA512

    ba040be9a1f39706e7ad21cdeb632476ab8bad25d6be5c76a4e58f17c2eb7848753210dde23e44d919f895648419313e055fae39a897644e0c70bca39c1c34a8

Score
10/10
njrathacked

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

https://pastebin.com/raw/b2xT6mXZ:6522

Mutex

6a2634340fbf8a0a2c038c6263d49fd1

Attributes
  • reg_key

    6a2634340fbf8a0a2c038c6263d49fd1

  • splitter

    |'|'|

Targets

    • Target

      bDTn.exe

    • Size

      36KB

    • MD5

      f09845a7b617f093887d29554e795081

    • SHA1

      90fe8bd31ed126fd5dcdd292e0054e0a6e2e70d5

    • SHA256

      e10753f08dd4399bfb6de99a86ee12d32aaac6eb6f42da26055a1abc26043650

    • SHA512

      ba040be9a1f39706e7ad21cdeb632476ab8bad25d6be5c76a4e58f17c2eb7848753210dde23e44d919f895648419313e055fae39a897644e0c70bca39c1c34a8

    Score
    7/10

    • Deletes itself

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

1
T1018

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks