njrat | ea4f73e1f2cbf1495c6ac0c61113ad0ff6f04ab43b03c570feb9570f6a9e7d83 | Triage

Sharing

General

Target

ea4f73e1f2cbf1495c6ac0c61113ad0ff6f04ab43b03c570feb9570f6a9e7d83
Size

12KB
Sample

240419-wy336acf6v
MD5

24804f63246b91ce5df3831136b2de3b
SHA1

e144a59cf80dc4ea54c700eee8020a37e11211d0
SHA256

ea4f73e1f2cbf1495c6ac0c61113ad0ff6f04ab43b03c570feb9570f6a9e7d83
SHA512

97829f1fcdfa52ef49863833b4e9434408005b1453c08ca25c9aa3a664272b2539bfbd53327a9c37394d26e2e3805412815b735b2a1f6124c4b3df63b9eea3a9
SSDEEP

192:eR2XW4iVt03426RJyzcxetghbjvXPjWmlryv+t6NJNKDENwvBETjg:0Tt52UJyzcQChHX7WJ26HNKAPg

Score

10^/10

njrat 2525252525252525

Malware Config

Extracted

Family

njrat

Version

v2.0

Botnet

2525252525252525

C2

2525.libya2020.com.ly:2525

Mutex

Windows

Attributes

reg_key
Windows
splitter
|-F-|

Targets

- Target
  
  6bd762c59e48a2fd605e2217780e3f9d00a011330b408802bbdeaa2066c632aa
- Size
  
  27KB
- MD5
  
  20af74c19ce0ae00cb87c4c912f937da
- SHA1
  
  e1557feb74f2c2e68853917589ae2020cf1fe61d
- SHA256
  
  6bd762c59e48a2fd605e2217780e3f9d00a011330b408802bbdeaa2066c632aa
- SHA512
  
  05228fb3dd5fdda805668fdabafadcfe175af96a1b63dbabab02198c9b261d8040cbb59f1c5d042528c553483f0641cc2c4452fd2fd3fb3b16c4e7a931fcbc6b
- SSDEEP
  
  384:JLmzZnO4Yvzjt4NS6diPoiG2MNAQk93vmhm7UMKmIEecKdbXTzm9bVhcaU6Or6eC:5sk1k3NA/vMHTi9bD
Score

7^/10
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

2525252525252525njrat

behavioral1

behavioral2