njrat | 1587dea298492bab3d0bfd69c405c4e0ecf866bbbe7109b161aa1dfcd96b6efb | Triage

Sharing

General

Target

Server.exe
Size

37KB
Sample

240726-jb34esthjm
MD5

f4e8eab69940b39db58933ec913d82dc
SHA1

f156eb2955e4cda1f650d9a01b2de56f876c418a
SHA256

1587dea298492bab3d0bfd69c405c4e0ecf866bbbe7109b161aa1dfcd96b6efb
SHA512

3f55df11c58809b9fb95bf1584f13ad9dc85ab6761ef34b45eca69b9c79c804fc794b8e6f5284a8b3b18dea9dfa87137ccc9e7312896021122ad0ccadda78939
SSDEEP

384:fbudevEiTblvpWNcZ0y8fJCtTHVnLkC+LlrAF+rMRTyN/0L+EcoinblneHQM3ep5:YeBTZ38fJCtTld+BrM+rMRa8NuzFt

Score

10^/10

njrat hacked discovery

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

20.ip.gl.ply.gg:55257

Mutex

2b76bf9337cc5cf1d100713234f2d249

Attributes

reg_key
2b76bf9337cc5cf1d100713234f2d249
splitter
|'|'|

Targets

- Target
  
  Server.exe
- Size
  
  37KB
- MD5
  
  f4e8eab69940b39db58933ec913d82dc
- SHA1
  
  f156eb2955e4cda1f650d9a01b2de56f876c418a
- SHA256
  
  1587dea298492bab3d0bfd69c405c4e0ecf866bbbe7109b161aa1dfcd96b6efb
- SHA512
  
  3f55df11c58809b9fb95bf1584f13ad9dc85ab6761ef34b45eca69b9c79c804fc794b8e6f5284a8b3b18dea9dfa87137ccc9e7312896021122ad0ccadda78939
- SSDEEP
  
  384:fbudevEiTblvpWNcZ0y8fJCtTHVnLkC+LlrAF+rMRTyN/0L+EcoinblneHQM3ep5:YeBTZ38fJCtTld+BrM+rMRa8NuzFt
Score

3^/10

discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1