Resubmissions

21-08-2024 19:45

240821-ygpwbaxbkc

General

  • Target

    njRAT0.7dFixedStealer (1).msi

  • Size

    3.2MB

  • Sample

    240821-ygpwbaxbkc

  • MD5

    5d74155c3195e27633e1609d45b1ce07

  • SHA1

    e1ea143d17a1700867bf1baea72a442109f27504

  • SHA256

    5f1b04e4a9cf5e1e3f3e11a4ff712702a102c93be276dd5da9c6927c4808575a

  • SHA512

    1d75aa24a3c9e161c36422aa543bbb60491ef5a8f497aee2fb29cb692170b6745b054dcd2ee8f881c68d182db033c04842fe2f1484385870488738d108145c36

  • SSDEEP

    49152:+qf/c/f9r84jEHYDgE5e7vxP5Ferq7I5RJK5k1jcB6jWH5XzatCJkH105fASGdvi:tVHYDgpNxFecIC2H16l

Malware Config

Targets

    • Blocklisted process makes network request

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks