Overview

overview

10

Static

static

3

Crypted.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Crypted.exe

  • Size

    88KB

  • Sample

    240328-n9fs1ahg84

  • MD5

    2efb2559c587fb9f5372295aab2239c6

  • SHA1

    8b5e3bbd2b018dbad8f79c0100cd2ebaad5e89f8

  • SHA256

    76968437a1f58c6bdfa05ed4f054904c39e7321e2ade66fa1f45749bd83b148d

  • SHA512

    4952fa45a6cefa20bf2f11e747c8502337b46fb1967c97c8e83974ee7927b3307a3966f549d3a6ca2cd9b51c01144096dac9cb6c59250fe54aaf962c6d5243f8

  • SSDEEP

    1536:ULvAYpTMyBoew8m4sgTw+n6P2FOCLuDqFqh3A2BumExcVdOITktxxeC1xWHq6Y82:AvAGeQJ6P24CLQZA2BqiVonx7yq6Y82

Score
10/10
njrattesttrojan

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

test

C2

127.0.0.1:775

Mutex

7e6cfad0d1c91f6e165fe973f211f70d

Attributes
  • reg_key

    7e6cfad0d1c91f6e165fe973f211f70d

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      Crypted.exe

    • Size

      88KB

    • MD5

      2efb2559c587fb9f5372295aab2239c6

    • SHA1

      8b5e3bbd2b018dbad8f79c0100cd2ebaad5e89f8

    • SHA256

      76968437a1f58c6bdfa05ed4f054904c39e7321e2ade66fa1f45749bd83b148d

    • SHA512

      4952fa45a6cefa20bf2f11e747c8502337b46fb1967c97c8e83974ee7927b3307a3966f549d3a6ca2cd9b51c01144096dac9cb6c59250fe54aaf962c6d5243f8

    • SSDEEP

      1536:ULvAYpTMyBoew8m4sgTw+n6P2FOCLuDqFqh3A2BumExcVdOITktxxeC1xWHq6Y82:AvAGeQJ6P24CLQZA2BqiVonx7yq6Y82

    Score
    10/10
    njrattesttrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

1
T1564

Hidden Files and Directories

1
T1564.001

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks