njrat | e7704eff8e50977146b1598a59d8bd89878e6e42ac100a532c5edf1be50f66ff | Triage

Sharing

General

Target

6209dde2e93a02fd2b5e62ee4b5b0320_NeikiAnalytics.exe
Size

28KB
Sample

240530-dq1c7add39
MD5

6209dde2e93a02fd2b5e62ee4b5b0320
SHA1

a08c7449577f23dcad736a6810d5e82786e6b6fb
SHA256

e7704eff8e50977146b1598a59d8bd89878e6e42ac100a532c5edf1be50f66ff
SHA512

062b057e77bb37feaaa96817dfcb883037cc49d2a66a25f4dae05f69eca0c255fcdbcdf0273e284c5010f1927749a7ba237253b091fb2d76e1751883474b20c1
SSDEEP

384:DC2kDuwIlcHxiX9Y2UF4/RPY6bZyNeFlMfMLHm2Vo3O8TcdZcDMwScUievXeHEwK:PlwqyxiC4pPnF1mDeQcPNwSfUtSm

Score

10^/10

njrat cryter microsoft phishing

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Cryter

C2

amluOTg4*TYua3JvLmty:4444

Mutex

e773f562448816b894294964332a91e2

Attributes

reg_key
e773f562448816b894294964332a91e2
splitter
|'|'|

Targets

- Target
  
  6209dde2e93a02fd2b5e62ee4b5b0320_NeikiAnalytics.exe
- Size
  
  28KB
- MD5
  
  6209dde2e93a02fd2b5e62ee4b5b0320
- SHA1
  
  a08c7449577f23dcad736a6810d5e82786e6b6fb
- SHA256
  
  e7704eff8e50977146b1598a59d8bd89878e6e42ac100a532c5edf1be50f66ff
- SHA512
  
  062b057e77bb37feaaa96817dfcb883037cc49d2a66a25f4dae05f69eca0c255fcdbcdf0273e284c5010f1927749a7ba237253b091fb2d76e1751883474b20c1
- SSDEEP
  
  384:DC2kDuwIlcHxiX9Y2UF4/RPY6bZyNeFlMfMLHm2Vo3O8TcdZcDMwScUievXeHEwK:PlwqyxiC4pPnF1mDeQcPNwSfUtSm
Score

5^/10

microsoft phishing
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

microsoftphishing