njrat | 0ac4c9d2e6c68b1fd1d834c1790a592aa07bfa03d1cfb96407aa161c2c2813ff | Triage

Sharing

General

Target

0ac4c9d2e6c68b1fd1d834c1790a592aa07bfa03d1cfb96407aa161c2c2813ff
Size

134KB
Sample

221124-eycsjaca4s
MD5

d0c6a985f7b0c997296748a9e150d096
SHA1

0e2c35c80381a2342f950367013e15c0bf6cf8fb
SHA256

0ac4c9d2e6c68b1fd1d834c1790a592aa07bfa03d1cfb96407aa161c2c2813ff
SHA512

0b8581c4921f9a992bcc7c67403a6068c91e263e07e1b5353c3a940ddbf194bb782e63a1a67d8cfd0e5c766953d0dd44da0cd24fd88b75174deac0c991aedaa3
SSDEEP

3072:zFNdgNwjoWN57bus7T/Be3BrS+7bY7EV2t/X7J38Rqtaf4l07U0jHjhTxd9Co6li:z6WN/WK/9po6lyMtaCb+FwSi6Bu

Score

10^/10

njrat trojan

Malware Config

Targets

- Target
  
  0ac4c9d2e6c68b1fd1d834c1790a592aa07bfa03d1cfb96407aa161c2c2813ff
- Size
  
  134KB
- MD5
  
  d0c6a985f7b0c997296748a9e150d096
- SHA1
  
  0e2c35c80381a2342f950367013e15c0bf6cf8fb
- SHA256
  
  0ac4c9d2e6c68b1fd1d834c1790a592aa07bfa03d1cfb96407aa161c2c2813ff
- SHA512
  
  0b8581c4921f9a992bcc7c67403a6068c91e263e07e1b5353c3a940ddbf194bb782e63a1a67d8cfd0e5c766953d0dd44da0cd24fd88b75174deac0c991aedaa3
- SSDEEP
  
  3072:zFNdgNwjoWN57bus7T/Be3BrS+7bY7EV2t/X7J38Rqtaf4l07U0jHjhTxd9Co6li:z6WN/WK/9po6lyMtaCb+FwSi6Bu
Score

10^/10

njrat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2