Overview

overview

10

Static

static

10

1111111.exe

windows7-x64

10

1111111.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1111111.exe

  • Size

    31KB

  • Sample

    240121-pzc5ssdec5

  • MD5

    7df82d98744c6042af089c281afdeeb6

  • SHA1

    b08b89481da17184534617000d0229e3313f0533

  • SHA256

    bda4ed91e3c5e86a9441b18e37e0337436131065648742bc4c74337d33b7baf3

  • SHA512

    1c482f9da39b68bbf6a20acd5ec60ca9a654d20381ee3926930e07a9901ee380020a9e3d40e1ef7eafc0c150d2df1fb8b0ef6f35d81749c222956245842d720e

  • SSDEEP

    768:Ur875d5rLmzxBuJjIEg/S6vTvIJQmIDUu0tiuUGj:7vKI6j4QVkXj

Score
10/10
njratmybotevasiontrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

C2

213.136.94.52:1

Mutex

4b12fc16f57d298effe3718d29e163d5

Attributes
  • reg_key

    4b12fc16f57d298effe3718d29e163d5

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      1111111.exe

    • Size

      31KB

    • MD5

      7df82d98744c6042af089c281afdeeb6

    • SHA1

      b08b89481da17184534617000d0229e3313f0533

    • SHA256

      bda4ed91e3c5e86a9441b18e37e0337436131065648742bc4c74337d33b7baf3

    • SHA512

      1c482f9da39b68bbf6a20acd5ec60ca9a654d20381ee3926930e07a9901ee380020a9e3d40e1ef7eafc0c150d2df1fb8b0ef6f35d81749c222956245842d720e

    • SSDEEP

      768:Ur875d5rLmzxBuJjIEg/S6vTvIJQmIDUu0tiuUGj:7vKI6j4QVkXj

    Score
    10/10
    njratevasiontrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Privilege Escalation

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks