General

  • Target

    NjRat 0.7D Golden Edition - Rus.exe

  • Size

    1.1MB

  • Sample

    230825-pm2ydsbf66

  • MD5

    b740b825e1fdd8dfca62607fdebd6d28

  • SHA1

    aa7fa4730abc65cac68212278fef710feefb2169

  • SHA256

    62cc3e8ad0d36ecf9024fd801eba17e467558c29eb2b2ab40a935b79d8e98a18

  • SHA512

    68e4a8476e496ec959ca831e0bdcd63c46b455d9ef9671dd633617ebe4f10c50107c2b37115ac1b957630766d078014c4fd70bf97659cbc97c10f574be33c9c4

  • SSDEEP

    24576:cOPq7Qt50WkTbWeUvrFyLBE4uiuKjYZTC8ctzI9UXWNJRvs:cX7tjbavUBEjg29UmNs

Score
7/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
