Overview

overview

10

Static

static

10

822ac77de4...cb.exe

windows7-x64

8

822ac77de4...cb.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    822ac77de47d345d09da7c2a93916bb251710bfe61b2ec179564f09bcb5ea6cb

  • Size

    37KB

  • Sample

    221130-w9sfssha7s

  • MD5

    d7fedad434c8b6a9d112896006a072a0

  • SHA1

    96276c663e47772edce627e1d2d64709dd168506

  • SHA256

    822ac77de47d345d09da7c2a93916bb251710bfe61b2ec179564f09bcb5ea6cb

  • SHA512

    aff5e3b6753031ee8a179d3242760926b1ed97c08490406533677ed18cc5b2ae18ee11b4b835c8d8ca2500362d0574eb741f5a12a1efdf664c704553a6ed7e2f

  • SSDEEP

    384:V6l+yw7BeAaXaEiVbzdmB0O4yUvNixgp+Z2v/RFJ/oM6IxrAF+rMRTyN/0L+EcoO:Mcyw79POTUvNZBv64rM+rMRa8NukEt

Score
10/10
njrathackedevasion

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

185.84.181.89:8280

Mutex

438a94fd2391e832c72944eac98e7bae

Attributes
  • reg_key

    438a94fd2391e832c72944eac98e7bae

  • splitter

    |'|'|

Targets

    • Target

      822ac77de47d345d09da7c2a93916bb251710bfe61b2ec179564f09bcb5ea6cb

    • Size

      37KB

    • MD5

      d7fedad434c8b6a9d112896006a072a0

    • SHA1

      96276c663e47772edce627e1d2d64709dd168506

    • SHA256

      822ac77de47d345d09da7c2a93916bb251710bfe61b2ec179564f09bcb5ea6cb

    • SHA512

      aff5e3b6753031ee8a179d3242760926b1ed97c08490406533677ed18cc5b2ae18ee11b4b835c8d8ca2500362d0574eb741f5a12a1efdf664c704553a6ed7e2f

    • SSDEEP

      384:V6l+yw7BeAaXaEiVbzdmB0O4yUvNixgp+Z2v/RFJ/oM6IxrAF+rMRTyN/0L+EcoO:Mcyw79POTUvNZBv64rM+rMRa8NukEt

    Score
    8/10
    evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks