njrat | 0e26393b65e698bea45d56ba8ff71a8a09b5cc9a73268a75496cb9ecaac5cc26 | Triage

Sharing

General

Target

bR0o.exe
Size

26KB
Sample

231113-qc7xbscg6v
MD5

385b5278ed6894fd2b1ca8b64caa3ce3
SHA1

f4342d0568002385fdcce1e9be63f462ccfa8203
SHA256

0e26393b65e698bea45d56ba8ff71a8a09b5cc9a73268a75496cb9ecaac5cc26
SHA512

c835a76b34df871754986adc3ad30173d717be05d16f0af204c1a1477b7b4120f371ce1ea52f3c50568e8be275896a6c18181a5a1af17aa8ebe83c7bdebc0427
SSDEEP

384:VLd6cufEYAA/XgWeyoHzCYe/iBY2OzRLTm3yilqr63+bbtVvGD:1l8AA/6T5e/gsEuVvGD

Score

10^/10

njrat trojan

Malware Config

Targets

- Target
  
  bR0o.exe
- Size
  
  26KB
- MD5
  
  385b5278ed6894fd2b1ca8b64caa3ce3
- SHA1
  
  f4342d0568002385fdcce1e9be63f462ccfa8203
- SHA256
  
  0e26393b65e698bea45d56ba8ff71a8a09b5cc9a73268a75496cb9ecaac5cc26
- SHA512
  
  c835a76b34df871754986adc3ad30173d717be05d16f0af204c1a1477b7b4120f371ce1ea52f3c50568e8be275896a6c18181a5a1af17aa8ebe83c7bdebc0427
- SSDEEP
  
  384:VLd6cufEYAA/XgWeyoHzCYe/iBY2OzRLTm3yilqr63+bbtVvGD:1l8AA/6T5e/gsEuVvGD
Score

10^/10

njrat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2