General

  • Target

    NjRat Green Edition пароль 111.zip

  • Size

    3.2MB

  • Sample

    231024-ptxbgsch8w

  • MD5

    a8472968356dc648fffb2be6a2400a35

  • SHA1

    46df75e023d3626abd6f914a5634b544e7fa928d

  • SHA256

    db5575ba91df5cf9571f4ad36d0091b7a3e03ce9aeab80cd87295360046cb47e

  • SHA512

    99f3f1aec368daf0c3c265dbe3bf2424da77e02ceab6b629828e2126d5930305fa802158d03966c067728bbb9df77888fa6f468013ed55af169f3b9c5ebad9c1

  • SSDEEP

    98304:jf7lG6Rqv0uoB+TndsHsa0Jo36Z1FkGQv7kNOgYWE7sI:jfJG6Rqv0JBandsCy36LQTy6WE7sI

Score
10/10

Malware Config

Targets

    • Target

      Njrat/NjRat 0.7D.exe

    • Size

      2.2MB

    • MD5

      27e353481e08ead38d3f5dd7a4042d01

    • SHA1

      61f6691539aa0201f69a61f2d6b4328c47856ef9

    • SHA256

      0e6a282cdeaf4ec1222b7223a01935f686a7891b36c35b4f6a69fe6a6a1db260

    • SHA512

      ac4ae70b6c5e307bcf535f981132fef00b3182be9c272413c510b16b6a95540595925f53b698e3640200a8b681033e15a117d72b2145e2d3a835bef5154ac9cd

    • SSDEEP

      49152:MP0OMxYLKA67mRRxMQSL/neZW9F8saXeAx5vAoNhaPsQ+Quc393:wMxYLK+RRCQSL/V9FqXeIF2qDct

    Score
    10/10
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

    • Suspicious use of SetThreadContext
