Overview

overview

10

Static

static

10

test.exe

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    test.exe

  • Size

    31KB

  • Sample

    230415-1ddd8ahd4s

  • MD5

    5ab6073a4ecb061d0d87f33fc42517ae

  • SHA1

    4f611c050a264436d0832622709fc5c500eaae0b

  • SHA256

    275c1d6827109fc66ea643290239b75928f455749d19de1fb60e0a2984dd44c5

  • SHA512

    85903f5a471d5ec09de913b1983c80283787842bb1aeff517207717706e76190f06a6af9e4f1221cbc929e572478815d65c7b5f93669583fe7a9c9da2a2d1d3b

  • SSDEEP

    768:BzirDp8pdvXyzx9uFwna/5nW3TvanQmIDUu0tixPj:ow68nQbkQVkYj

Score
10/10
njrathackedevasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

10.10.10.10:8080

Mutex

fc18f90cb05b06d57e182c1350fa6b6e

Attributes
  • reg_key

    fc18f90cb05b06d57e182c1350fa6b6e

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      test.exe

    • Size

      31KB

    • MD5

      5ab6073a4ecb061d0d87f33fc42517ae

    • SHA1

      4f611c050a264436d0832622709fc5c500eaae0b

    • SHA256

      275c1d6827109fc66ea643290239b75928f455749d19de1fb60e0a2984dd44c5

    • SHA512

      85903f5a471d5ec09de913b1983c80283787842bb1aeff517207717706e76190f06a6af9e4f1221cbc929e572478815d65c7b5f93669583fe7a9c9da2a2d1d3b

    • SSDEEP

      768:BzirDp8pdvXyzx9uFwna/5nW3TvanQmIDUu0tixPj:ow68nQbkQVkYj

    Score
    10/10
    njrathackedevasiontrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks