njrat | ca042c8f01daaca81b858f79f99eae7289ef016617d685088fcfc7244a24eb0e | Triage

Sharing

General

Target

Client.exe
Size

31KB
Sample

231211-trytradce2
MD5

fc89e19ca22dec3c9b008dfafc051f06
SHA1

9894ab0047c9dbaa91d264391f12cd2d3b572be6
SHA256

ca042c8f01daaca81b858f79f99eae7289ef016617d685088fcfc7244a24eb0e
SHA512

2d547fefb20fc88bc68e2c043a48baafb8e76d067354e19dd212c0e4ef4799634894318d0e3b66919cc5fffb0c939a9a7e0c93a918b853ea2dac7b8af7a0cc34
SSDEEP

768:8uXXOYoZhjYOzx5+1vB/WDeRAnv7jkQmIDUu0ti88j:NXT838JQ3kQVk4j

Score

10^/10

njrat mybot android execution linux macos persistence

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

C2

frank-arguably-shepherd.ngrok-free.app:5552

Mutex

38187be72a4de67176e62a8c16dbe278

Attributes

reg_key
38187be72a4de67176e62a8c16dbe278
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  Client.exe
- Size
  
  31KB
- MD5
  
  fc89e19ca22dec3c9b008dfafc051f06
- SHA1
  
  9894ab0047c9dbaa91d264391f12cd2d3b572be6
- SHA256
  
  ca042c8f01daaca81b858f79f99eae7289ef016617d685088fcfc7244a24eb0e
- SHA512
  
  2d547fefb20fc88bc68e2c043a48baafb8e76d067354e19dd212c0e4ef4799634894318d0e3b66919cc5fffb0c939a9a7e0c93a918b853ea2dac7b8af7a0cc34
- SSDEEP
  
  768:8uXXOYoZhjYOzx5+1vB/WDeRAnv7jkQmIDUu0ti88j:NXT838JQ3kQVk4j
Score

5^/10

execution persistence
- Launch Agent
  persistence
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

System Services

Launchctl

Persistence

Create or Modify System Process

Launch Agent

Privilege Escalation

Create or Modify System Process

Launch Agent

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

behavioral3

executionpersistence

behavioral4