Overview

overview

10

Static

static

10

39634491fc...52.exe

windows7-x64

8

39634491fc...52.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    39634491fcfa5ae9b11af8e404642552.exe

  • Size

    37KB

  • Sample

    221003-j8y6qsgdap

  • MD5

    39634491fcfa5ae9b11af8e404642552

  • SHA1

    c5f0dbb99ed9b9d8de865638b8320518307b2360

  • SHA256

    0bd858559a33ef47365dbda6c1539f9b960c6568db3c7d9395f742dbce665584

  • SHA512

    9411b6e108749b2e4a885fb29d82d0621ed8cd20f4c2edeee38f5eb9eafc95244ea50556e3bc70e7bfe93c565b85294eaf9e591c3eb71865f84ff149858becdb

  • SSDEEP

    384:tmOs0IiejvCVLO309QmykrtG+dA+VfwvOSiKrAF+rMRTyN/0L+EcoinblneHQM3O:vFdGdkrgYRwWS9rM+rMRa8Nud5t

Score
10/10
njrathackedevasion

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

2.tcp.eu.ngrok.io:10688

Mutex

397d69d9f8062162b9133aef29a5892d

Attributes
  • reg_key

    397d69d9f8062162b9133aef29a5892d

  • splitter

    |'|'|

Targets

    • Target

      39634491fcfa5ae9b11af8e404642552.exe

    • Size

      37KB

    • MD5

      39634491fcfa5ae9b11af8e404642552

    • SHA1

      c5f0dbb99ed9b9d8de865638b8320518307b2360

    • SHA256

      0bd858559a33ef47365dbda6c1539f9b960c6568db3c7d9395f742dbce665584

    • SHA512

      9411b6e108749b2e4a885fb29d82d0621ed8cd20f4c2edeee38f5eb9eafc95244ea50556e3bc70e7bfe93c565b85294eaf9e591c3eb71865f84ff149858becdb

    • SSDEEP

      384:tmOs0IiejvCVLO309QmykrtG+dA+VfwvOSiKrAF+rMRTyN/0L+EcoinblneHQM3O:vFdGdkrgYRwWS9rM+rMRa8Nud5t

    Score
    8/10
    evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks