njrat | 021833fb04156406bfe36efa3e021a801df64e0b1a7b8e278b549ef5c6586b86 | Triage

Sharing

General

Target

bQcb.exe
Size

26KB
Sample

231012-dnapraec43
MD5

78fa62154dbaf84d52e096e8f058f60e
SHA1

d28ba676fb74abb4357e1e49f6e6b2a0424e0e62
SHA256

021833fb04156406bfe36efa3e021a801df64e0b1a7b8e278b549ef5c6586b86
SHA512

d219df3d2cd8c23dd156ee8a0d747c34b2842812bacc17d3ec68e435f379dbc3a1824a99f8b6ead44a2e8288c445f418753b04fe2fbcd2d81d2fdd091f9ef89a
SSDEEP

384:yLd6cufEYAA/XgWeyoHzCYe/iBY2OzRLTm3yilqr63+b/tVvGD:sl8AA/6T5e/gsE2VvGD

Score

10^/10

njrat trojan

Malware Config

Targets

- Target
  
  bQcb.exe
- Size
  
  26KB
- MD5
  
  78fa62154dbaf84d52e096e8f058f60e
- SHA1
  
  d28ba676fb74abb4357e1e49f6e6b2a0424e0e62
- SHA256
  
  021833fb04156406bfe36efa3e021a801df64e0b1a7b8e278b549ef5c6586b86
- SHA512
  
  d219df3d2cd8c23dd156ee8a0d747c34b2842812bacc17d3ec68e435f379dbc3a1824a99f8b6ead44a2e8288c445f418753b04fe2fbcd2d81d2fdd091f9ef89a
- SSDEEP
  
  384:yLd6cufEYAA/XgWeyoHzCYe/iBY2OzRLTm3yilqr63+b/tVvGD:sl8AA/6T5e/gsE2VvGD
Score

10^/10

njrat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2