njrat | fca3b4475cd1981ef96131d78033d81b9f567db967ab97475ea9476702082a1a | Triage

Sharing

General

Target

3ff7d00e62d3c2bbec3c6ce43f72c444.exe
Size

93KB
Sample

220921-cfj3saege6
MD5

3ff7d00e62d3c2bbec3c6ce43f72c444
SHA1

c21c4821bc02c05975841867147c23b2c25c2545
SHA256

fca3b4475cd1981ef96131d78033d81b9f567db967ab97475ea9476702082a1a
SHA512

e56c885a3cb937b380012ea3c529025c8f03b01d9f0c136e34f96c86fa4d727ccbc8ef3efcbb3268dba988c251f5f2f5e780b28ec5c74a21e2fce451b75705dc
SSDEEP

1536:JUvOx6baIa9RZj00ljEwzGi1dDMTDAgS:JU3baIa93jNSi1dQHp

Score

10^/10

njrat hacked evasion

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

Ny50Y3AuZXUubmdyb2suaW8Strik:MTQwMDg=

Mutex

f3a5a2c8437ec480dbeedf9f00b545b2

Attributes

reg_key
f3a5a2c8437ec480dbeedf9f00b545b2
splitter
|'|'|

Targets

- Target
  
  3ff7d00e62d3c2bbec3c6ce43f72c444.exe
- Size
  
  93KB
- MD5
  
  3ff7d00e62d3c2bbec3c6ce43f72c444
- SHA1
  
  c21c4821bc02c05975841867147c23b2c25c2545
- SHA256
  
  fca3b4475cd1981ef96131d78033d81b9f567db967ab97475ea9476702082a1a
- SHA512
  
  e56c885a3cb937b380012ea3c529025c8f03b01d9f0c136e34f96c86fa4d727ccbc8ef3efcbb3268dba988c251f5f2f5e780b28ec5c74a21e2fce451b75705dc
- SSDEEP
  
  1536:JUvOx6baIa9RZj00ljEwzGi1dDMTDAgS:JU3baIa93jNSi1dQHp
Score

8^/10

evasion
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2