General

  • Target

    1e521ae4d980c1653cb41fe538632420N.exe

  • Size

    37KB

  • Sample

    240901-e3cnbssamc

  • MD5

    1e521ae4d980c1653cb41fe538632420

  • SHA1

    1829352eafca4f5eed7b4afe4ad4d8b74ceb33a4

  • SHA256

    27f67a98be1c8b63e9f437a9f1f71e5a5665ad7bad42458456de42747ac98cf6

  • SHA512

    89d802e087c3d160654edb0b4f7ad44a7e044e7bd413cb3085cbb233c3a7196648c596ccb35c3a233d5e973fced6d11bed657684262bcbf565419565646c1f29

  • SSDEEP

    384:0+mBkiy1nDNGRn5IyUv8IR/hh0/aKVEcrAF+rMRTyN/0L+EcoinblneHQM3epzXv:hd5M5jUvxRoCKWcrM+rMRa8NuDPt

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

hostpidorasa.ddns.net:8888

Mutex

d9211e1b4db8f53b230d600f2f7f2c71

Attributes
  • reg_key

    d9211e1b4db8f53b230d600f2f7f2c71

  • splitter

    |'|'|
