njrat | a4fbaaa204aca9a130d8e5d9ea6f2b01f2c30a5443b41541bf518e8dd9a920ac | Triage

Sharing

General

Target

bd7695d7bbf28030199a9a78532fde00N.exe
Size

23KB
Sample

240828-zzjmpawekg
MD5

bd7695d7bbf28030199a9a78532fde00
SHA1

b44886aa9a24957276177dac88bb8530206a21a7
SHA256

a4fbaaa204aca9a130d8e5d9ea6f2b01f2c30a5443b41541bf518e8dd9a920ac
SHA512

b8c4b3074f745e8919d189fb277540596152bb628645351b2dbf7e708438515a0d3c4de5cdd01eea9b54347e8b1a2b574226d6fa70cd7f3645e9b13fa21a23d0
SSDEEP

384:ps2aUrue9Bx0RPIxHVSul0M/GrUdw6jgFIqZZj1mRvR6JZlbw8hqIusZzZ+FBy:iQ/ok1lzRpcnuRI

Score

10^/10

njrat hacked-8 discovery evasion persistence privilege_escalation trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed-8

C2

boston-agriculture.gl.at.ply.gg:13746

Mutex

b113b60e80a8269511cfb270424012b5

Attributes

reg_key
b113b60e80a8269511cfb270424012b5
splitter
|'|'|

Targets

- Target
  
  bd7695d7bbf28030199a9a78532fde00N.exe
- Size
  
  23KB
- MD5
  
  bd7695d7bbf28030199a9a78532fde00
- SHA1
  
  b44886aa9a24957276177dac88bb8530206a21a7
- SHA256
  
  a4fbaaa204aca9a130d8e5d9ea6f2b01f2c30a5443b41541bf518e8dd9a920ac
- SHA512
  
  b8c4b3074f745e8919d189fb277540596152bb628645351b2dbf7e708438515a0d3c4de5cdd01eea9b54347e8b1a2b574226d6fa70cd7f3645e9b13fa21a23d0
- SSDEEP
  
  384:ps2aUrue9Bx0RPIxHVSul0M/GrUdw6jgFIqZZj1mRvR6JZlbw8hqIusZzZ+FBy:iQ/ok1lzRpcnuRI
Score

10^/10

njrat discovery evasion persistence privilege_escalation trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdiscoveryevasionpersistenceprivilege_escalationtrojan

behavioral2

njratdiscoveryevasionpersistenceprivilege_escalationtrojan