njrat | 2c22f37a24c26361dc160c9254bf094509cb8f16944b46408992649e096e0fd9 | Triage

Sharing

General

Target

2c22f37a24c26361dc160c9254bf094509cb8f16944b46408992649e096e0fd9
Size

29KB
Sample

221125-j15zbagd2x
MD5

5360dd4eff6cbceed2ee6a3e59b78de2
SHA1

c1ed04bf72e28dad22adc56b4ba9ce8502115523
SHA256

2c22f37a24c26361dc160c9254bf094509cb8f16944b46408992649e096e0fd9
SHA512

c2b1bb5064f989390943cd10dd407e8530c5bd57a609e8428216f09842d1687ba0a95a5b1671e08eda50fa1f7be4af98e1878d70de65ae041bad970655f52e49
SSDEEP

384:faEuBIp4vs6O/T0oGF/hD/9k3S2S+1w0LE2H9MslgFYObiX+r2FCagaLAQyG:+LlMT0Vthb9OFw0LZ9KXbBYF

Score

10^/10

njrat evasion persistence

Malware Config

Targets

- Target
  
  2c22f37a24c26361dc160c9254bf094509cb8f16944b46408992649e096e0fd9
- Size
  
  29KB
- MD5
  
  5360dd4eff6cbceed2ee6a3e59b78de2
- SHA1
  
  c1ed04bf72e28dad22adc56b4ba9ce8502115523
- SHA256
  
  2c22f37a24c26361dc160c9254bf094509cb8f16944b46408992649e096e0fd9
- SHA512
  
  c2b1bb5064f989390943cd10dd407e8530c5bd57a609e8428216f09842d1687ba0a95a5b1671e08eda50fa1f7be4af98e1878d70de65ae041bad970655f52e49
- SSDEEP
  
  384:faEuBIp4vs6O/T0oGF/hD/9k3S2S+1w0LE2H9MslgFYObiX+r2FCagaLAQyG:+LlMT0Vthb9OFw0LZ9KXbBYF
Score

8^/10

evasion persistence
- Modifies Windows Firewall
  evasion
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence