Overview

overview

7

Static

static

1

njRAT 0.7d...on.exe

windows10-2004-x64

1

njRAT 0.7d...ip.exe

windows10-2004-x64

7

njRAT 0.7d...ck.exe

windows10-2004-x64

1

njRAT 0.7d...r1.exe

windows10-2004-x64

1

njRAT 0.7d...r2.exe

windows10-2004-x64

1

njRAT 0.7d...r3.exe

windows10-2004-x64

1

njRAT 0.7d...r4.exe

windows10-2004-x64

1

njRAT 0.7d...r5.exe

windows10-2004-x64

1

njRAT 0.7d...r6.exe

windows10-2004-x64

1

njRAT 0.7d...am.dll

windows10-2004-x64

1

njRAT 0.7d...ch.dll

windows10-2004-x64

1

njRAT 0.7d...un.exe

windows10-2004-x64

1

njRAT 0.7d...ic.dll

windows10-2004-x64

1

njRAT 0.7d...lg.dll

windows10-2004-x64

1

njRAT 0.7d...pw.dll

windows10-2004-x64

1

njRAT 0.7d...c2.dll

windows10-2004-x64

1

njRAT 0.7d...in.xml

windows10-2004-x64

1

njRAT 0.7d...ub.xml

windows10-2004-x64

1

njRAT 0.7d...et.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    104s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/03/2023, 23:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    njRAT 0.7d Horror Edition/Plugin/Screamer5.exe

  • Size

    997KB

  • MD5

    28aaac578be4ce06cb695e4f927b4302

  • SHA1

    880ab0560b81e05e920f9ec1d6c0ecf5e04eaa7e

  • SHA256

    8929d3b749ff91527b8e407eff6bde4bb0bb27739313b5c0db0434cbf700dbfc

  • SHA512

    068698bda0543c773b36830f6760456e40e9046d9d20089ad88cb646ef5c7bd6c6716c6d59cfc7abd5bffb9129f5a7076e2f9c9b321795f224923f00b7b91374

  • SSDEEP

    24576:xcWLYmbwnSTHLmB1wS7pmYSOryHwC6FEUQ09E4a66:xFsoHSXw2S7wCqJ3

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\njRAT 0.7d Horror Edition\Plugin\Screamer5.exe
    "C:\Users\Admin\AppData\Local\Temp\njRAT 0.7d Horror Edition\Plugin\Screamer5.exe"
    1⤵
      PID:832
    • C:\Windows\system32\AUDIODG.EXE
      C:\Windows\system32\AUDIODG.EXE 0x2c8 0x150
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:2904

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/832-133-0x0000000000C00000-0x0000000000D00000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/832-135-0x000000001BCB0000-0x000000001BD56000-memory.dmp

      Filesize

      664KB

      Download

    • memory/832-134-0x00000000016E0000-0x00000000016F0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/832-136-0x000000001C230000-0x000000001C6FE000-memory.dmp

      Filesize

      4.8MB

      Download

    • memory/832-137-0x000000001C7F0000-0x000000001C88C000-memory.dmp

      Filesize

      624KB

      Download

    • memory/832-138-0x0000000001690000-0x0000000001698000-memory.dmp

      Filesize

      32KB

      Download

    • memory/832-139-0x000000001C950000-0x000000001C99C000-memory.dmp

      Filesize

      304KB

      Download

    • memory/832-140-0x00000000016E0000-0x00000000016F0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/832-141-0x00000000016E0000-0x00000000016F0000-memory.dmp

      Filesize

      64KB

      Download