Overview

overview

10

Static

static

10

FF54A283B9...2D.exe

windows7-x64

7

FF54A283B9...2D.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    FF54A283B94928E2B11A22D8C30036C8E2C8AD59BC42D.exe

  • Size

    27KB

  • Sample

    220819-tmxqwsacb3

  • MD5

    7ac4666645cc4513d2be875445b090c4

  • SHA1

    072711e47e766c127d230fef4e5a9f1d8bd74dd6

  • SHA256

    ff54a283b94928e2b11a22d8c30036c8e2c8ad59bc42d8b203e66abc3c16b49b

  • SHA512

    1397585f29ae773e16ddff47e7001ca70c9032a6cec0cdc3b94eee5c8c89462b701206c125ad37eb349ebd56acedab792826293fdf5625ac500e2677c37fd95b

  • SSDEEP

    384:ELjqF5aMG4AvEF0jc4C8+PUimiM5AQk93vmhm7UMKmIEecKdbXTzm9bVhcaz6Mre:SjiUZOaZ5A/vMHTi9bD

Score
10/10
njrathacked

Malware Config

Extracted

Family

njrat

Version

v2.0

Botnet

HacKed

C2

indian-knowledgestorm.at.playit.gg:45976

Mutex

Windows

Attributes
  • reg_key

    Windows

  • splitter

    |-F-|

Targets

    • Target

      FF54A283B94928E2B11A22D8C30036C8E2C8AD59BC42D.exe

    • Size

      27KB

    • MD5

      7ac4666645cc4513d2be875445b090c4

    • SHA1

      072711e47e766c127d230fef4e5a9f1d8bd74dd6

    • SHA256

      ff54a283b94928e2b11a22d8c30036c8e2c8ad59bc42d8b203e66abc3c16b49b

    • SHA512

      1397585f29ae773e16ddff47e7001ca70c9032a6cec0cdc3b94eee5c8c89462b701206c125ad37eb349ebd56acedab792826293fdf5625ac500e2677c37fd95b

    • SSDEEP

      384:ELjqF5aMG4AvEF0jc4C8+PUimiM5AQk93vmhm7UMKmIEecKdbXTzm9bVhcaz6Mre:SjiUZOaZ5A/vMHTi9bD

    Score
    7/10

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks