njrat | fdb771456b0ca1d8643c2982884f2fc16527d9adc45bb29fefd97232a64af616 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

njRAT Greenv0.7.exe

windows7-x64

7

njRAT Greenv0.7.exe

windows10-2004-x64

Sharing

General

Target

njRAT Greenv0.7.exe
Size

27KB
Sample

230420-lcrswsgh26
MD5

4615ac6caa9572931cc9ee8bf6689e2c
SHA1

d8324b9ecbd35854092b4266625b9572cb8a4a71
SHA256

fdb771456b0ca1d8643c2982884f2fc16527d9adc45bb29fefd97232a64af616
SHA512

5602c8d56966d473f49e13d7eea69ac8b07d0143a353d98682451a51b10027dd030ff1bc4a40b90922ce93ff517b2e12f4cacd15b44df9640a7be6c326ac3936
SSDEEP

384:NL5LlYn+oYjGmhcbws96PASW+MlAQk93vmhm7UMKmIEecKdbXTzm9bVhcak67r6h:dfZsm2rlA/vMHTi9bD

Score

10^/10

njrat hacked persistence trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

njRAT Greenv0.7.exe

Resource

win7-20230220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

njRAT Greenv0.7.exe

Resource

win10v2004-20230220-en

njrat hacked persistence trojan

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Extracted

Family

njrat

Version

v2.0

Botnet

HacKed

C2

paul-positive.at.ply.gg:9693

Mutex

Windows

Attributes

reg_key
Windows
splitter
|-F-|

Targets

- Target
  
  njRAT Greenv0.7.exe
- Size
  
  27KB
- MD5
  
  4615ac6caa9572931cc9ee8bf6689e2c
- SHA1
  
  d8324b9ecbd35854092b4266625b9572cb8a4a71
- SHA256
  
  fdb771456b0ca1d8643c2982884f2fc16527d9adc45bb29fefd97232a64af616
- SHA512
  
  5602c8d56966d473f49e13d7eea69ac8b07d0143a353d98682451a51b10027dd030ff1bc4a40b90922ce93ff517b2e12f4cacd15b44df9640a7be6c326ac3936
- SSDEEP
  
  384:NL5LlYn+oYjGmhcbws96PASW+MlAQk93vmhm7UMKmIEecKdbXTzm9bVhcak67r6h:dfZsm2rlA/vMHTi9bD
Score

10^/10

njrat hacked persistence trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Drops startup file
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

njrathackedpersistencetrojan

© 2018-2025

Terms | Privacy