Overview

overview

3

Static

static

3

njRAT v0.7d.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    30s
  • max time network
    32s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-07-2024 15:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    njRAT v0.7d.exe

  • Size

    1.6MB

  • MD5

    473e1a7be89c3a727176d4f9f5a64b69

  • SHA1

    501eb2c1432ff2b4e5ff582ad82d0fca152adebc

  • SHA256

    bf853789b938bdc5da8aaeb52511379a332c7cf238266a21bfcb0318a62e85cb

  • SHA512

    4d0ef049c83fe2790e8c201c643b68be26ae854feaeb154e7b1703c9f7c7250abc7307cef035f723fe8d5cf9d85175ff19a7bd37c403536617c8df9f9a7079fd

  • SSDEEP

    24576:IB4Uzr6UeRmmZg8ADHWsJuFfo5jYbYzHSG/UpnMUnFz3Y/l0:7w+

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\njRAT v0.7d.exe
    "C:\Users\Admin\AppData\Local\Temp\njRAT v0.7d.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:100
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x4f4 0x49c
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4680

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/100-0-0x00007FFE88CE5000-0x00007FFE88CE6000-memory.dmp

    Filesize

    4KB

    Download

  • memory/100-1-0x000000001B3E0000-0x000000001B486000-memory.dmp

    Filesize

    664KB

    Download

  • memory/100-2-0x00007FFE88A30000-0x00007FFE893D1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/100-3-0x000000001B960000-0x000000001BE2E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/100-4-0x00007FFE88A30000-0x00007FFE893D1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/100-5-0x000000001BF20000-0x000000001BFBC000-memory.dmp

    Filesize

    624KB

    Download

  • memory/100-6-0x0000000000DD0000-0x0000000000DD8000-memory.dmp

    Filesize

    32KB

    Download

  • memory/100-7-0x000000001C080000-0x000000001C0CC000-memory.dmp

    Filesize

    304KB

    Download

  • memory/100-8-0x00007FFE88A30000-0x00007FFE893D1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/100-9-0x000000001CE80000-0x000000001CE92000-memory.dmp

    Filesize

    72KB

    Download

  • memory/100-10-0x00007FFE88A30000-0x00007FFE893D1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/100-11-0x00007FFE88CE5000-0x00007FFE88CE6000-memory.dmp

    Filesize

    4KB

    Download

  • memory/100-12-0x00007FFE88A30000-0x00007FFE893D1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/100-13-0x00007FFE88A30000-0x00007FFE893D1000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/100-14-0x00007FFE88A30000-0x00007FFE893D1000-memory.dmp

    Filesize

    9.6MB

    Download