njrat | ec3fffab0619e80b5b92e33ffbbca2ab487a89ac6b32d66f6e79c6064390b01f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec3fffab0619e80b5b92e33ffbbca2ab487a89ac6b32d66f6e79c6064390b01f
Size

110KB
Sample

221127-3zmwwshd62
MD5

5bf5472e6c829dcee8dffaaa772f756c
SHA1

554a517be462ce94a36af5e95e2fa78c84b60144
SHA256

ec3fffab0619e80b5b92e33ffbbca2ab487a89ac6b32d66f6e79c6064390b01f
SHA512

fa3c5fc658ba9f16f1474ed15de3790fbde24cabf55a44defe697af142ef9b4899180529ce6fdd027b972e2f25edef8942029a2bae489cc07d40ba2e9a980961
SSDEEP

1536:ZtHeO3nyvlYrI0GMRQ0/s4WXPvutLf40XJXIYD:ZF+YWMD7405n

Score

10^/10

njrat evasion trojan

Malware Config

Targets

- Target
  
  ec3fffab0619e80b5b92e33ffbbca2ab487a89ac6b32d66f6e79c6064390b01f
- Size
  
  110KB
- MD5
  
  5bf5472e6c829dcee8dffaaa772f756c
- SHA1
  
  554a517be462ce94a36af5e95e2fa78c84b60144
- SHA256
  
  ec3fffab0619e80b5b92e33ffbbca2ab487a89ac6b32d66f6e79c6064390b01f
- SHA512
  
  fa3c5fc658ba9f16f1474ed15de3790fbde24cabf55a44defe697af142ef9b4899180529ce6fdd027b972e2f25edef8942029a2bae489cc07d40ba2e9a980961
- SSDEEP
  
  1536:ZtHeO3nyvlYrI0GMRQ0/s4WXPvutLf40XJXIYD:ZF+YWMD7405n
Score

10^/10

evasion njrat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

njratevasiontrojan