njrat | b608d6859d6fd0dc67f2a4e0020adc1f8d6ebef48cd2d96c2c9541f5fee14588 | Triage

Sharing

General

Target

730ae9cefec755ee99409da3b8e0634f_JaffaCakes118
Size

38KB
Sample

240726-hw5bjswgre
MD5

730ae9cefec755ee99409da3b8e0634f
SHA1

07d746f5108e3f518d730631555a51f3db6d3348
SHA256

b608d6859d6fd0dc67f2a4e0020adc1f8d6ebef48cd2d96c2c9541f5fee14588
SHA512

6d9b20948bf6a1397cd17d959172b4b0db3656ea7d6b42ffad046f25ecaada8ccbffd8915d1f701c8d0e59978fa545c205c13760bd606eb6207688a5aff68969
SSDEEP

768:9wpD+Zwq3r1uFbaYh+Jnq7az+xRug+n2hpUE+fDNkQp6HwfF:gD+HZuY5q7az+GgDbUfZkQTfF

Score

10^/10

njrat b hat discovery trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

B HAT

Mutex

1fcb8fb3a4794ae29f1b8ef01d138a35

Attributes

reg_key
1fcb8fb3a4794ae29f1b8ef01d138a35
splitter
|'|'|

Targets

- Target
  
  730ae9cefec755ee99409da3b8e0634f_JaffaCakes118
- Size
  
  38KB
- MD5
  
  730ae9cefec755ee99409da3b8e0634f
- SHA1
  
  07d746f5108e3f518d730631555a51f3db6d3348
- SHA256
  
  b608d6859d6fd0dc67f2a4e0020adc1f8d6ebef48cd2d96c2c9541f5fee14588
- SHA512
  
  6d9b20948bf6a1397cd17d959172b4b0db3656ea7d6b42ffad046f25ecaada8ccbffd8915d1f701c8d0e59978fa545c205c13760bd606eb6207688a5aff68969
- SSDEEP
  
  768:9wpD+Zwq3r1uFbaYh+Jnq7az+xRug+n2hpUE+fDNkQp6HwfF:gD+HZuY5q7az+GgDbUfZkQTfF
Score

10^/10

njrat b hat discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratb hatdiscoverytrojan

behavioral2

njratb hatdiscoverytrojan