Overview

overview

10

Static

static

10

0d8b76317d...25.exe

windows7-x64

8

0d8b76317d...25.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0d8b76317dbfa4482bc07bc247df8f25.exe

  • Size

    31KB

  • Sample

    230608-akf6ksab3w

  • MD5

    0d8b76317dbfa4482bc07bc247df8f25

  • SHA1

    236b3b64330227d5d34bda71703945747ecacf06

  • SHA256

    da83ebf186d48f78f9aa8fd6c67d50141c20a104696697373badd324555b4c96

  • SHA512

    807b7f22dd6fc7dece192ecc817d4471772134d4b48c08bd4f689d80aa4cd248eadd6625a2360bfef30f14dd54dd55c99e23ce88d8cf4d2c5af947f1978aa238

  • SSDEEP

    768:8rzgfV5VXPKzxF+dtYjK/L+rvAJQmIDUu0tiJsj:/fqci4QVknj

Score
10/10
njrattest1evasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Test1

C2

81.23.151.222:352

Mutex

cced8f41daef86542c6eaefd81723d42

Attributes
  • reg_key

    cced8f41daef86542c6eaefd81723d42

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      0d8b76317dbfa4482bc07bc247df8f25.exe

    • Size

      31KB

    • MD5

      0d8b76317dbfa4482bc07bc247df8f25

    • SHA1

      236b3b64330227d5d34bda71703945747ecacf06

    • SHA256

      da83ebf186d48f78f9aa8fd6c67d50141c20a104696697373badd324555b4c96

    • SHA512

      807b7f22dd6fc7dece192ecc817d4471772134d4b48c08bd4f689d80aa4cd248eadd6625a2360bfef30f14dd54dd55c99e23ce88d8cf4d2c5af947f1978aa238

    • SSDEEP

      768:8rzgfV5VXPKzxF+dtYjK/L+rvAJQmIDUu0tiJsj:/fqci4QVknj

    Score
    10/10
    evasionnjrattrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks