Overview

overview

10

Static

static

10

e01e3c42da...e4.exe

windows7-x64

8

e01e3c42da...e4.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e01e3c42da13325a823d6dc88301ff03e0c225be40d6f7086f4b51b1a4d3bbe4

  • Size

    29KB

  • Sample

    221204-s6jspsce76

  • MD5

    208e1b7340598d88946e47f42c241070

  • SHA1

    829a4ff93d7ad73ceb5a7efcbe6dded7d104e9eb

  • SHA256

    e01e3c42da13325a823d6dc88301ff03e0c225be40d6f7086f4b51b1a4d3bbe4

  • SHA512

    e9bf19e7d8720e4f440215dcc7c13b11e1982e00491d258004a1efcc04c3df654751f46beddc8a28546ec76e9f43fbbf8dae5e3f08b786da64247c213c51397c

  • SSDEEP

    384:CZs/hl7b1/JEI+GPWxt5j2mMemqDMv5e7dGBsbh0w4wlAokw9OhgOL1vYRGOZznt:CA7bXEI+GeHwmKqe5e4BKh0p29SgRhT

Score
10/10
njrathackedevasion

Malware Config

Extracted

Family

njrat

Version

0.6.4

Botnet

HacKed

C2

zampahost.no-ip.biz:1177

Mutex

5cd8f17f4086744065eb0992a09e05a2

Attributes
  • reg_key

    5cd8f17f4086744065eb0992a09e05a2

  • splitter

    |'|'|

Targets

    • Target

      e01e3c42da13325a823d6dc88301ff03e0c225be40d6f7086f4b51b1a4d3bbe4

    • Size

      29KB

    • MD5

      208e1b7340598d88946e47f42c241070

    • SHA1

      829a4ff93d7ad73ceb5a7efcbe6dded7d104e9eb

    • SHA256

      e01e3c42da13325a823d6dc88301ff03e0c225be40d6f7086f4b51b1a4d3bbe4

    • SHA512

      e9bf19e7d8720e4f440215dcc7c13b11e1982e00491d258004a1efcc04c3df654751f46beddc8a28546ec76e9f43fbbf8dae5e3f08b786da64247c213c51397c

    • SSDEEP

      384:CZs/hl7b1/JEI+GPWxt5j2mMemqDMv5e7dGBsbh0w4wlAokw9OhgOL1vYRGOZznt:CA7bXEI+GeHwmKqe5e4BKh0p29SgRhT

    Score
    8/10
    evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks