General

  • Target

    8785623100.zip

  • Size

    39KB

  • Sample

    230120-w9rjhabb5s

  • MD5

    67f7bc5e1a3d70ee82edb59cec7e89a6

  • SHA1

    10f27cd4220e83cc37c4f2bffde353f138ab3bc7

  • SHA256

    16aa082a827eb19dfe626562e006454155198e540b7ab4142241edf007dae44d

  • SHA512

    b5fea7538e5c9e4c0bc5d737eeacd2ca6345052dcdd94c9d32a7d234f8a823d253fc98df49a2b241df8277021d27f1750d2cffaca31dd06ac91b7fdaa6247f2c

  • SSDEEP

    768:ItVbko9Lk+aBlae+qRcWuhOaTAOnN/WgiDbAt/WRC4ip7FA/YAnwy/:ItNXNZaXa/7WuhJtKwt/Ws4Q78Y2

Malware Config

Extracted

  • Family

    njrat

  • Version

    v2.0

  • Botnet

    2525252525252525

  • C2

    2525.libya2020.com.ly:2525

  • Mutex

    Windows

  • Attributes

    • reg_key

      Windows

    • splitter

      |-F-|
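
The splitter above only matters once you know the framing it sits in, so here is an added example (not code from the sandbox report or from the malware) of parsing njRAT C2 traffic with this sample's configuration. It assumes the documented njRAT wire format: every message is an ASCII decimal byte count, one NUL byte (0x00), then that many payload bytes, with payload fields joined by the build-specific splitter (stock builds use |'|'|; this sample uses |-F-|). The sample stream, the short command strings in it, and the helper name looks_like_njrat are constructed for the example, not captured from this sample; the botnet ID and mutex name are taken from the extracted config.

```python
"""njRAT C2 frame parser keyed on the splitter extracted from this sample.

Added example, not code from the sandbox report or from the malware. Assumes
the documented njRAT wire format: every C2 message is an ASCII decimal byte
count, one NUL (0x00), then that many payload bytes, and payload fields are
joined with the build-specific splitter. The sample stream below is constructed
for the example, not captured traffic from this sample.
"""
import re
from typing import Dict, List, Tuple

SPLITTER = b"|-F-|"  # "splitter" attribute from the extracted config

# ASCII decimal length followed by the NUL terminator.
FRAME_HEADER = re.compile(rb"(\d+)\x00")


def build_frame(*fields: bytes, splitter: bytes = SPLITTER) -> bytes:
    """Encode fields as one njRAT frame: <len>\\x00<field1><splitter><field2>..."""
    payload = splitter.join(fields)
    return str(len(payload)).encode("ascii") + b"\x00" + payload


def parse_frames(stream: bytes, splitter: bytes = SPLITTER) -> Tuple[List[Dict], bytes]:
    """Split a reassembled TCP stream into frames.

    Returns (frames, remainder). Each frame is a dict with the declared
    length, the command (first field) and the remaining fields. A trailing
    incomplete frame is handed back untouched in `remainder` so the caller
    can append the next segment and parse again.
    """
    frames: List[Dict] = []
    pos = 0
    while pos < len(stream):
        header = FRAME_HEADER.match(stream, pos)
        if header is None:
            break  # not njRAT framing at this offset; do not resync blindly
        length = int(header.group(1))
        start, end = header.end(), header.end() + length
        if end > len(stream):
            break  # incomplete frame: wait for more data
        fields = stream[start:end].split(splitter)
        frames.append({
            "length": length,
            "command": fields[0].decode("latin-1"),
            "fields": [f.decode("latin-1") for f in fields[1:]],
        })
        pos = end
    return frames, stream[pos:]


def looks_like_njrat(stream: bytes, splitter: bytes = SPLITTER) -> bool:
    """True if the stream carries at least one complete frame that uses the splitter."""
    frames, _ = parse_frames(stream, splitter)
    return any(frame["fields"] for frame in frames)


# Constructed sample: a bare command, a command carrying the botnet ID and mutex
# name from the config, and a frame cut off mid-capture.
SAMPLE_STREAM = (
    build_frame(b"P")
    + build_frame(b"inf", b"2525252525252525", b"Windows")
    + b"40\x00ll|-F-|partial"
)

if __name__ == "__main__":
    parsed, leftover = parse_frames(SAMPLE_STREAM)
    for frame in parsed:
        print(frame)
    print("leftover bytes:", leftover)
```

Run it against a TCP stream reassembled from a capture of traffic to 2525.libya2020.com.ly:2525 (or any stream you suspect). The parser stops at the first offset that does not start with a length header instead of scanning ahead for a splitter, so a non-njRAT stream that happens to contain |-F-| is not misreported; the returned remainder lets you feed the next segment in without losing a frame split across packets.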

Targets

    • Target

      b3e1a7b45c62bf11359f12f697f18ba153ab77a46b9344caf196624e3e72f2a2

    • Size

      102KB

    • MD5

      629fad6012e43ac097f52ff5e02d6396

    • SHA1

      69284411ae2928fc4b474193a81a9b205b6da5aa

    • SHA256

      b3e1a7b45c62bf11359f12f697f18ba153ab77a46b9344caf196624e3e72f2a2

    • SHA512

      fb35d9fbedf762f1aa569f33e0566e0190a6a37c662d3009d7d5f94a65b38f34f2f0d8a7a6fa578038cde255d176ccecde6bb7af712bfd9e8a0f6d9b5220bc7f

    • SSDEEP

      1536:0ZlZSkyJaVIg/+QZsHXGwrAfKYSh5fmv1xqvM:0YM

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

  • Discovery

    • Query Registry (1)

      T1012

    • System Information Discovery (2)

      T1082

Tasks