njrat | f151cd6e8e2a73bb0594cc6767d193d016fc88cc9973712a9dec06284b6b3adf | Triage

Sharing

General

Target

f151cd6e8e2a73bb0594cc6767d193d016fc88cc9973712a9dec06284b6b3adf
Size

29KB
Sample

240325-cfl75sfh6z
MD5

a051c849e389cec5636e4f0f9b080e8c
SHA1

70228c5ab77e03193e527ccb995c5ec3b0c09b1a
SHA256

f151cd6e8e2a73bb0594cc6767d193d016fc88cc9973712a9dec06284b6b3adf
SHA512

cd0a2ba45982f81b24bc289fa3a4bf10da2f828c845d2a73ce62bea8729d95737eed6e59d70ac05606b6d97d4cd36d721b538975f01b0c837324c95d22dc2e75
SSDEEP

384:EPqvANl7TxTD+VF2dbofPauxnaIuN15708COmqDk9jeHqGBsbh0w4wlAokw9Ohgd:ru75oa4fuTC8cqojeVBKh0p29SgR5d

Score

10^/10

njrat hacker trojan

Malware Config

Extracted

Family

njrat

Version

0.6.4

Botnet

hacker

C2

01KeKe-41878.portmap.io:41878

Mutex

12826896566034991c9912d3a1ee9bf7

Attributes

reg_key
12826896566034991c9912d3a1ee9bf7
splitter
|'|'|

Targets

- Target
  
  f151cd6e8e2a73bb0594cc6767d193d016fc88cc9973712a9dec06284b6b3adf
- Size
  
  29KB
- MD5
  
  a051c849e389cec5636e4f0f9b080e8c
- SHA1
  
  70228c5ab77e03193e527ccb995c5ec3b0c09b1a
- SHA256
  
  f151cd6e8e2a73bb0594cc6767d193d016fc88cc9973712a9dec06284b6b3adf
- SHA512
  
  cd0a2ba45982f81b24bc289fa3a4bf10da2f828c845d2a73ce62bea8729d95737eed6e59d70ac05606b6d97d4cd36d721b538975f01b0c837324c95d22dc2e75
- SSDEEP
  
  384:EPqvANl7TxTD+VF2dbofPauxnaIuN15708COmqDk9jeHqGBsbh0w4wlAokw9Ohgd:ru75oa4fuTC8cqojeVBKh0p29SgR5d
Score

10^/10

njrat hacker trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

njrathackertrojan

behavioral2