njrat | 46e741710519cef00797e5c42ea46e1e21e4e8b755ca8fd99e6594d1c3f4152d | Triage

Sharing

General

Target

Payload.exe
Size

55KB
Sample

240831-qsqb8awcpj
MD5

2e19d455101479e4d77e161c71fb45d9
SHA1

161daafd198a107fca200270c25a108ce8cbff5c
SHA256

46e741710519cef00797e5c42ea46e1e21e4e8b755ca8fd99e6594d1c3f4152d
SHA512

694ea58033511a2312f4e144f0949591e12618cc4860d47eb33dd3b2e49859e19108f335f535dd016326b686a6217a42cd5ffa8bc021cb9e1c1789c056b7f554
SSDEEP

1536:oEpgDnUN8evqZl5uDBwsNMDvXExI3pmjm:3gDnPgqb5uDBwsNMDvXExI3pm

Score

10^/10

njrat victim discovery trojan

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Victim

C2

94.13.152.8:25565

Mutex

da57ac2dfb8942c3da7edc2214efa4cd

Attributes

reg_key
da57ac2dfb8942c3da7edc2214efa4cd
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  Payload.exe
- Size
  
  55KB
- MD5
  
  2e19d455101479e4d77e161c71fb45d9
- SHA1
  
  161daafd198a107fca200270c25a108ce8cbff5c
- SHA256
  
  46e741710519cef00797e5c42ea46e1e21e4e8b755ca8fd99e6594d1c3f4152d
- SHA512
  
  694ea58033511a2312f4e144f0949591e12618cc4860d47eb33dd3b2e49859e19108f335f535dd016326b686a6217a42cd5ffa8bc021cb9e1c1789c056b7f554
- SSDEEP
  
  1536:oEpgDnUN8evqZl5uDBwsNMDvXExI3pmjm:3gDnPgqb5uDBwsNMDvXExI3pm
Score

10^/10

njrat discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdiscoverytrojan

behavioral2

njratdiscoverytrojan