njrat | 16855c2301d184e41dba86afc518440d6c9d756bcbaeb7daebb0439b316c40ba | Triage

Submit
Reports

Overview

overview

Static

static

xcmo.zip

windows10-1703-x64

4

Resubmissions

09-09-2023 11:40

230909-ns69maag66 10

09-09-2023 11:39

230909-nsc1saag57 10

07-09-2023 19:38

230907-ycr5wadf8x 10

Sharing

General

Target

xcmo.zip
Size

8.0MB
Sample

230909-nsc1saag57
MD5

c5f48b58ee411b925a3bca02bc9bcb2b
SHA1

819a0b79fc8860634eed48d5e529dcfbdc0416b7
SHA256

16855c2301d184e41dba86afc518440d6c9d756bcbaeb7daebb0439b316c40ba
SHA512

e3c016464ba34d545eafd6a7594a75ba3bcb394f9920f10b1734519f3bbf430a15b8605aa40e3bd02b79dcf572f1223d0792e5e98ec3e7cacc3f548b362a865e
SSDEEP

196608:pl6dKeJB6DumaD71MMBtbxGxJzUGjuNr7YUX0Lc1GOMfo:+dKebgw7hBFxGxJvjaJXecCo

Score

10^/10

njrat hacked svchost upx

Static task

static1

hacked upx svchost njrat

5 signatures

Behavioral task

behavioral1

Sample

xcmo.zip

Resource

win10-20230831-en

windows10-1703-x64

6 signatures

1800 seconds

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

hack9991.hopto.org:1177

Mutex

2ca07b832d8eaedbc7053063c9b11e8b

Attributes

reg_key
2ca07b832d8eaedbc7053063c9b11e8b
splitter
|'|'|

Extracted

Family

njrat

Version

0.7d

Botnet

svchost

C2

king14.duckdns.org:1177

Mutex

91602bde66d8a2627f3507223a646162

Attributes

reg_key
91602bde66d8a2627f3507223a646162
splitter
|'|'|

Targets

- Target
  
  xcmo.zip
- Size
  
  8.0MB
- MD5
  
  c5f48b58ee411b925a3bca02bc9bcb2b
- SHA1
  
  819a0b79fc8860634eed48d5e529dcfbdc0416b7
- SHA256
  
  16855c2301d184e41dba86afc518440d6c9d756bcbaeb7daebb0439b316c40ba
- SHA512
  
  e3c016464ba34d545eafd6a7594a75ba3bcb394f9920f10b1734519f3bbf430a15b8605aa40e3bd02b79dcf572f1223d0792e5e98ec3e7cacc3f548b362a865e
- SSDEEP
  
  196608:pl6dKeJB6DumaD71MMBtbxGxJzUGjuNr7YUX0Lc1GOMfo:+dKebgw7hBFxGxJvjaJXecCo
Score

4^/10
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

hackedupxsvchostnjrat

behavioral1

© 2018-2024

Terms | Privacy