ebdff179265008e86994c47f5363698930f2ed571184bf37d379814e732ffa4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NJRAT Gangster Edition.zip
Size

2.4MB
Sample

240512-qy8ezsgh81
MD5

e6833382b5c8284f642381dfbe35709e
SHA1

ee44588d524c4063e984ecd2b66f6066486d2045
SHA256

ebdff179265008e86994c47f5363698930f2ed571184bf37d379814e732ffa4f
SHA512

e5e1b1c243743d4a7ae2536008a53b2f018b5891f49f01c8cd8df82d587c8b3ce24476f0ed3427db1b7a4215784d2c7542c19462a215b3d65eda7ef55ed64ba4
SSDEEP

49152:dfA8H8p/74w8rzMpC9YQK/Bv7SsMtBptSzVqNCVJv24EMvhyj:e8cp/7v7gTpaqMzu4Jhyj

Score

7^/10

Malware Config

Targets

- Target
  
  NJRAT-main/NJRAT 0.7D/NJRAT 0.7D.exe
- Size
  
  1.8MB
- MD5
  
  51f09307cf869fd8d38a887e215f68f1
- SHA1
  
  1e712db1c8e4f85f8a9c3c0df269c33a591eb7de
- SHA256
  
  ffe4de68cf4b6a1f23bbb4097ad6a29c6a2dbd2f1b609a7b15d38fd8478496ed
- SHA512
  
  9394a5a852b574666b2ffe6ed0fc075fa40a4d677a89969339450ec1f7784c2d4b8a10e457c0fe325f24bbbd341bfb3149bec65a24bb7241fc688ab473be0aec
- SSDEEP
  
  49152:5ZB1G8Ycd66Dk7UcGZr8dr9urHhiF4VX5//:r3GKAcVejujhiF0XB/
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4