njrat | e9eb7ce697b5dd84e2189ad96a618d34016781e3e05e48529f39a368fd9f000d | Triage

Sharing

General

Target

abcd969ee379cbe42f3a4513513ab578
Size

538KB
Sample

240228-nvbkqsaf93
MD5

abcd969ee379cbe42f3a4513513ab578
SHA1

ae012c3c2ca7e316af5c2a37d576124fa969cfe3
SHA256

e9eb7ce697b5dd84e2189ad96a618d34016781e3e05e48529f39a368fd9f000d
SHA512

13314a089a660f5f44b895e8c821bd60a03150b93733f25dc600e30e7899a647802dd3211ad62539ae5a39c682e783df0f617a58158009101ab446d176a27af3
SSDEEP

12288:8TdK0Js33WdFuUfbFfHAAGdqV/OOu2zYRs:8Tc0Js3aFuUfbFfHAAGdqV/Of2zYRs

Score

10^/10

njrat inviter2 trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

inviter2

C2

server77.ddns.net:5556

Mutex

e6dfe525c9e72b16ec2dd106adf4118f

Attributes

reg_key
e6dfe525c9e72b16ec2dd106adf4118f
splitter
|'|'|

Targets

- Target
  
  abcd969ee379cbe42f3a4513513ab578
- Size
  
  538KB
- MD5
  
  abcd969ee379cbe42f3a4513513ab578
- SHA1
  
  ae012c3c2ca7e316af5c2a37d576124fa969cfe3
- SHA256
  
  e9eb7ce697b5dd84e2189ad96a618d34016781e3e05e48529f39a368fd9f000d
- SHA512
  
  13314a089a660f5f44b895e8c821bd60a03150b93733f25dc600e30e7899a647802dd3211ad62539ae5a39c682e783df0f617a58158009101ab446d176a27af3
- SSDEEP
  
  12288:8TdK0Js33WdFuUfbFfHAAGdqV/OOu2zYRs:8Tc0Js3aFuUfbFfHAAGdqV/Of2zYRs
Score

10^/10

njrat inviter2 trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratinviter2trojan

behavioral2

njratinviter2trojan