njrat | 74f31feb93ba5c4c781b9554a6d8792735e0ef0ec6bbf2fde16102990d2847e2 | Triage

Sharing

General

Target

cbcc1b79847d72822e7c5360b85ec74e_JaffaCakes118
Size

17KB
Sample

240830-2gvckszhkn
MD5

cbcc1b79847d72822e7c5360b85ec74e
SHA1

09baeda283d8a026f49cbe151faf8eaeb9b83ee3
SHA256

74f31feb93ba5c4c781b9554a6d8792735e0ef0ec6bbf2fde16102990d2847e2
SHA512

ca90bf4d2de057671772d91d6b77b1a3bbd9319e27345563fd7ef356cd4a545d947c9a7a3be13864750721e0041cda3a4c8d4e6f3f25f90bff020aeea832a6a9
SSDEEP

384:YONXofZrGiUVIkTL01OnRtWwSP+GMqjSuRdkKHg/:DXoZ9VCtW8GMCSuxH4

Score

10^/10

njrat hacked discovery trojan

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

127.0.0.1:5552

Mutex

Windows Update

Attributes

reg_key
Windows Update
splitter
|Hassan|

Targets

- Target
  
  r.exe
- Size
  
  43KB
- MD5
  
  6c49ace857480720fa4d18b7e23062b4
- SHA1
  
  907796193f4504d9b9e1f8bf371f830d164ecf35
- SHA256
  
  8cc1263adad9155fb1dc717950267662b3121fb7ea6c54361c28fd60fae8ed55
- SHA512
  
  38de4d64c7ce554ab342ef26eb85a4675a09ceb925baa16165d73afa0499da91d82e658d38de44191c47fd89a59548ef56cd591eb1751fcc0b7629838770dd27
- SSDEEP
  
  384:pZy+Hl9n1iDcsyEqt3ptKwQsElGhOEazcIij+ZsNO3PlpJKkkjh/TzF7pWn5mgra:r99nU4pEqt5tKhohuuXQ/o8C+L
Score

10^/10

njrat hacked discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njrathackeddiscoverytrojan

behavioral2

njrathackeddiscoverytrojan