njrat | 1cbb0b544eb47effc01e10b643d0f487ba1dab1ee55d272f8f26bc7ee47df744 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46768832fb50d1a3e7736dc5f7b67339.exe
Size

279KB
Sample

220930-qfg53sdfa9
MD5

46768832fb50d1a3e7736dc5f7b67339
SHA1

fd5c6067d7460edf3835b7572a33d089eb31d25d
SHA256

1cbb0b544eb47effc01e10b643d0f487ba1dab1ee55d272f8f26bc7ee47df744
SHA512

c0586caef5f9e239f6ec0ac4fc5696c53671bc8be44cb4ea938362274e85a2d01c5506c08741dbb11e4c1184300bfe75073bdd7d361fdba5caa88a2b472583af
SSDEEP

6144:qOSDyHHFJbSG5CkgKQLoX7hdJ6EEiQ1SBQ8c:YuHloG4kuLw9k5oBQ

Score

10^/10

njrat evasion trojan vmprotect

Malware Config

Targets

- Target
  
  46768832fb50d1a3e7736dc5f7b67339.exe
- Size
  
  279KB
- MD5
  
  46768832fb50d1a3e7736dc5f7b67339
- SHA1
  
  fd5c6067d7460edf3835b7572a33d089eb31d25d
- SHA256
  
  1cbb0b544eb47effc01e10b643d0f487ba1dab1ee55d272f8f26bc7ee47df744
- SHA512
  
  c0586caef5f9e239f6ec0ac4fc5696c53671bc8be44cb4ea938362274e85a2d01c5506c08741dbb11e4c1184300bfe75073bdd7d361fdba5caa88a2b472583af
- SSDEEP
  
  6144:qOSDyHHFJbSG5CkgKQLoX7hdJ6EEiQ1SBQ8c:YuHloG4kuLw9k5oBQ
Score

10^/10

evasion njrat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

njratevasiontrojan