Overview

overview

10

Static

static

10

2e5eece252...0N.exe

windows7-x64

8

2e5eece252...0N.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2e5eece252128b7fe494993f6b3f4980N

  • Size

    37KB

  • Sample

    240908-ysakrswajh

  • MD5

    2e5eece252128b7fe494993f6b3f4980

  • SHA1

    6978d246c49482f5b9d9f7b3f988d76e4e43b85e

  • SHA256

    2427bd82dbcc0fef8a800af605bd6cb9cf85bc2a1e47b83a927b7254e7193b98

  • SHA512

    85de84f7e3cf55d4d0f505a101c1f39e00062338a20aa41be31ff587a674d9f247c00995d9914a135489f19b83bc34ad64a309d3bbd491c767c90b1a687bfc70

  • SSDEEP

    384:9QeKIiejZCVLO309QmykrtE0deYnfKvG46drAF+rMRTyN/0L+EcoinblneHQM3eH:izdGdkrK6PKO42rM+rMRa8Nudjt

Score
10/10
njrathackeddiscoveryevasionpersistenceprivilege_escalation

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

26.55.48.203:5552

Mutex

f4ea933d516c317cbb8fecf65bdcbc12

Attributes
  • reg_key

    f4ea933d516c317cbb8fecf65bdcbc12

  • splitter

    |'|'|

Targets

    • Target

      2e5eece252128b7fe494993f6b3f4980N

    • Size

      37KB

    • MD5

      2e5eece252128b7fe494993f6b3f4980

    • SHA1

      6978d246c49482f5b9d9f7b3f988d76e4e43b85e

    • SHA256

      2427bd82dbcc0fef8a800af605bd6cb9cf85bc2a1e47b83a927b7254e7193b98

    • SHA512

      85de84f7e3cf55d4d0f505a101c1f39e00062338a20aa41be31ff587a674d9f247c00995d9914a135489f19b83bc34ad64a309d3bbd491c767c90b1a687bfc70

    • SSDEEP

      384:9QeKIiejZCVLO309QmykrtE0deYnfKvG46drAF+rMRTyN/0L+EcoinblneHQM3eH:izdGdkrK6PKO42rM+rMRa8Nudjt

    Score
    8/10
    discoveryevasionpersistenceprivilege_escalation
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks