General

  • Target

    Client.exe

  • Size

    31KB

  • Sample

    240529-aycqbaca29

  • MD5

    fdbf55e90eba969a41229f1a8b2506b5

  • SHA1

    5df3f39480c05be26a61d41406ae50b107873a87

  • SHA256

    6e4e80c7fc6f4a659f2bceabc5e609061ee6e3715c070f853e79c8ad9a2718f6

  • SHA512

    9857f7c45ad04ff7a095f52523c6da22ed8d5e3e841e988ee430c691e585c17d39f4110f8e9e55cacbbebbde65f838f8a736dc7c563e50e13429a78dcecffdb3

  • SSDEEP

    768:7e0v+hW1nRNAzx7SnAlOvQFLhvKcQmIDUu0ti+Yj:C0K2a9RLQVkCj

Malware Config

Extracted

  • Family

    njrat

  • Version

    0.7d

  • Botnet

    roblox ext a-

  • C2

    127.0.0.1:6522

  • Mutex

    e6904aea6e66b1c493ff022e538e6416

Attributes
  • reg_key

    e6904aea6e66b1c493ff022e538e6416

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      Client.exe

    Score
    10/10
    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Modifies Windows Firewall
