njrat | 4b70ee9f32c5430d5e71094bc2fa7aabb65498fc2e6305220099f724cf4622c5 | Triage

Submit
Reports

Overview

overview

Static

static

Server.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

Server.bat
Size

93KB
Sample

230203-ehwkpsaf43
MD5

8cdf279cca1384f36a510601bae6b859
SHA1

bebea1ea912c0d8ab62b655493ca9ae3b9b01571
SHA256

4b70ee9f32c5430d5e71094bc2fa7aabb65498fc2e6305220099f724cf4622c5
SHA512

593c90221f95ae25cba96432288f023a4c10501c10cd7d5ad6fe6aa06c64e2a2c909ea7972c334944498af8f6e3cf9d3f402b342377b0c8ef73cd03aacdb0190
SSDEEP

768:eY3txVMaLJ7chQgIKt0eBD+QhnXlha8zGwCpXxrjEtCdnl2pi1Rz4Rk3ssGdpRgM:vx6alYIKx5+QdT6rjEwzGi1dDkDRgS

Score

10^/10

njrat hacked evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Server.exe

Resource

win10v2004-20220812-en

njrat hacked evasion trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

FRANSESCOTI3LjAuFRANSESCOC4x:MTQ0NA==

Mutex

656796098a723ea39abbbeb6ecb22ca8

Attributes

reg_key
656796098a723ea39abbbeb6ecb22ca8
splitter
|'|'|

Targets

- Target
  
  Server.bat
- Size
  
  93KB
- MD5
  
  8cdf279cca1384f36a510601bae6b859
- SHA1
  
  bebea1ea912c0d8ab62b655493ca9ae3b9b01571
- SHA256
  
  4b70ee9f32c5430d5e71094bc2fa7aabb65498fc2e6305220099f724cf4622c5
- SHA512
  
  593c90221f95ae25cba96432288f023a4c10501c10cd7d5ad6fe6aa06c64e2a2c909ea7972c334944498af8f6e3cf9d3f402b342377b0c8ef73cd03aacdb0190
- SSDEEP
  
  768:eY3txVMaLJ7chQgIKt0eBD+QhnXlha8zGwCpXxrjEtCdnl2pi1Rz4Rk3ssGdpRgM:vx6alYIKx5+QdT6rjEwzGi1dDkDRgS
Score

10^/10

njrat hacked evasion trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Modifies Windows Firewall
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njrathackedevasiontrojan

© 2018-2025

Terms | Privacy