Overview

overview

10

Static

static

10

Client.exe

windows7-x64

8

Client.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Client.exe

  • Size

    31KB

  • Sample

    231214-wd2dtsfeel

  • MD5

    204bd0c86c0a3be2ec30c0608d132a69

  • SHA1

    ae66b4f6c4cd2b5cba3b3ab6562bdac3d5164fd2

  • SHA256

    f6e2927729d3eddb7d81074111d5c3e48670af98117f18d0831c363c5ceb8795

  • SHA512

    69b20c4fe294c575d2b9c426c82c7001a18dc447b587d7f8f994ab98531499148faab29c88bae53c418cda41308239f4993f8cc7411626b664f7829463b9f7e9

  • SSDEEP

    768:gFG5TP1/plIzxTCfVYAvN1Zvy/QmIDUu0tiUej:9b1ay/YQVkqj

Score
10/10
njratmybotevasion

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

C2

127.0.0.1:6522

Mutex

60c28f2ec9c1d3d7f391e11534af955e

Attributes
  • reg_key

    60c28f2ec9c1d3d7f391e11534af955e

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      Client.exe

    • Size

      31KB

    • MD5

      204bd0c86c0a3be2ec30c0608d132a69

    • SHA1

      ae66b4f6c4cd2b5cba3b3ab6562bdac3d5164fd2

    • SHA256

      f6e2927729d3eddb7d81074111d5c3e48670af98117f18d0831c363c5ceb8795

    • SHA512

      69b20c4fe294c575d2b9c426c82c7001a18dc447b587d7f8f994ab98531499148faab29c88bae53c418cda41308239f4993f8cc7411626b664f7829463b9f7e9

    • SSDEEP

      768:gFG5TP1/plIzxTCfVYAvN1Zvy/QmIDUu0tiUej:9b1ay/YQVkqj

    Score
    8/10
    evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Privilege Escalation

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks