njrat | 502fdfabbe8c4ba719eef604ea508bbdd926a3831b4beb3e60de708669f5d2e6 | Triage

Sharing

General

Target

502fdfabbe8c4ba719eef604ea508bbdd926a3831b4beb3e60de708669f5d2e6
Size

48KB
Sample

221001-2qey9abhbj
MD5

00c8de3074534835cab8e3fb7491e2d0
SHA1

d9e23e9590135b515a4b65b916bfb89c611149e8
SHA256

502fdfabbe8c4ba719eef604ea508bbdd926a3831b4beb3e60de708669f5d2e6
SHA512

1cd8b58ceaeab571bfafd38c9014712544c6ceb44de58cf84d4b20edffc9631bbe30cb59faf1f7ba1a54d2758653246213bc351b4c55dd57abe4d126311dd053
SSDEEP

768:O7UKiE1U4gbZt1gbRIbPqX2CsjUFSuoOiOGf/NjwkNfIxnQtMTsMGh:OAKiE1UBbP9cPsjOSPOiOY+2f8QtksMa

Score

10^/10

njrat hacked trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

95.107.204.28:5552

Mutex

1f2e4aa145fde17c3be518407ab3e0ad

Attributes

reg_key
1f2e4aa145fde17c3be518407ab3e0ad
splitter
|'|'|

Targets

- Target
  
  502fdfabbe8c4ba719eef604ea508bbdd926a3831b4beb3e60de708669f5d2e6
- Size
  
  48KB
- MD5
  
  00c8de3074534835cab8e3fb7491e2d0
- SHA1
  
  d9e23e9590135b515a4b65b916bfb89c611149e8
- SHA256
  
  502fdfabbe8c4ba719eef604ea508bbdd926a3831b4beb3e60de708669f5d2e6
- SHA512
  
  1cd8b58ceaeab571bfafd38c9014712544c6ceb44de58cf84d4b20edffc9631bbe30cb59faf1f7ba1a54d2758653246213bc351b4c55dd57abe4d126311dd053
- SSDEEP
  
  768:O7UKiE1U4gbZt1gbRIbPqX2CsjUFSuoOiOGf/NjwkNfIxnQtMTsMGh:OAKiE1UBbP9cPsjOSPOiOY+2f8QtksMa
Score

10^/10

njrat hacked trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

njrathackedtrojan