Overview

overview

7

Static

static

1

njRAT 0.7d...on.exe

windows10-2004-x64

1

njRAT 0.7d...ip.exe

windows10-2004-x64

7

njRAT 0.7d...ck.exe

windows10-2004-x64

1

njRAT 0.7d...r1.exe

windows10-2004-x64

1

njRAT 0.7d...r2.exe

windows10-2004-x64

1

njRAT 0.7d...r3.exe

windows10-2004-x64

1

njRAT 0.7d...r4.exe

windows10-2004-x64

1

njRAT 0.7d...r5.exe

windows10-2004-x64

1

njRAT 0.7d...r6.exe

windows10-2004-x64

1

njRAT 0.7d...am.dll

windows10-2004-x64

1

njRAT 0.7d...ch.dll

windows10-2004-x64

1

njRAT 0.7d...un.exe

windows10-2004-x64

1

njRAT 0.7d...ic.dll

windows10-2004-x64

1

njRAT 0.7d...lg.dll

windows10-2004-x64

1

njRAT 0.7d...pw.dll

windows10-2004-x64

1

njRAT 0.7d...c2.dll

windows10-2004-x64

1

njRAT 0.7d...in.xml

windows10-2004-x64

1

njRAT 0.7d...ub.xml

windows10-2004-x64

1

njRAT 0.7d...et.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/03/2023, 23:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    njRAT 0.7d Horror Edition/NjRat 0.7D Horror Edition.exe

  • Size

    15.4MB

  • MD5

    dd411913ab79512e94920f3bb8019334

  • SHA1

    463c4fd39c21be32970febd1447fb472b419c89d

  • SHA256

    bb35eddc6b3ccc8aae668176a3987be76ca66c3c0c01074e5ee9cd7d145ce6ce

  • SHA512

    60c2d87dafa3726e175ec48b1899f3256a1c884b35ed725469f28a403b7a928e67eab2413c187f746887ca588676c94f85b304553824afa9bff6b9805b495d2d

  • SSDEEP

    196608:/jTb2kYfaKqgAyoSxX3NYeOu2kYJBnnim//7uVtFZ03MtV0Poiv5m:X3JgA+9ecWBnnim//7w03M4Fv5m

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\njRAT 0.7d Horror Edition\NjRat 0.7D Horror Edition.exe
    "C:\Users\Admin\AppData\Local\Temp\njRAT 0.7d Horror Edition\NjRat 0.7D Horror Edition.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2896
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x518 0x4ec
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2828

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2896-133-0x0000000002290000-0x00000000022A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2896-134-0x00000000009C0000-0x0000000001932000-memory.dmp

    Filesize

    15.4MB

    Download

  • memory/2896-135-0x000000001C870000-0x000000001C916000-memory.dmp

    Filesize

    664KB

    Download

  • memory/2896-136-0x000000001CE00000-0x000000001D2CE000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/2896-137-0x000000001DE70000-0x000000001DF0C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/2896-138-0x000000001C920000-0x000000001C928000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2896-139-0x000000001DFD0000-0x000000001E01C000-memory.dmp

    Filesize

    304KB

    Download

  • memory/2896-140-0x0000000002290000-0x00000000022A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2896-141-0x0000000002290000-0x00000000022A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2896-142-0x0000000022050000-0x0000000022062000-memory.dmp

    Filesize

    72KB

    Download

  • memory/2896-143-0x0000000002290000-0x00000000022A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2896-144-0x0000000002290000-0x00000000022A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2896-145-0x0000000002290000-0x00000000022A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2896-146-0x0000000002290000-0x00000000022A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2896-147-0x0000000002290000-0x00000000022A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2896-148-0x0000000002290000-0x00000000022A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2896-149-0x0000000002290000-0x00000000022A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2896-150-0x0000000002290000-0x00000000022A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2896-151-0x0000000002290000-0x00000000022A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2896-152-0x0000000002290000-0x00000000022A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2896-153-0x000000003F890000-0x000000003F990000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2896-154-0x000000003F890000-0x000000003F990000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2896-155-0x000000003F890000-0x000000003F990000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2896-156-0x000000003F890000-0x000000003F990000-memory.dmp

    Filesize

    1024KB

    Download