Overview

overview

10

Static

static

10

499323c1fb...0N.exe

windows7-x64

10

499323c1fb...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    499323c1fbe0b553697c38b0dcbfc580N

  • Size

    31KB

  • Sample

    240909-p1a2tsycmn

  • MD5

    499323c1fbe0b553697c38b0dcbfc580

  • SHA1

    df4b7ea39f85650d2f394c07e3bb2bdee8db88c7

  • SHA256

    97b66402061027edb113f521c519d31d2797dea981e3ca6b203336a179608cee

  • SHA512

    0ad5d07783a7455ffb915f1dbbf6068b9cf2dde4872f4b55e83ff00e699081a966ac864600f88ddf475a61706e38f040c4bdf7aa3c8a1fd4b08fd2b2e2feadad

  • SSDEEP

    768:AMtJEpBZhjzOzx5+R4s/Hu56HdAbiTinvanQmIDUu0tiQhKj:OD6uukAbiT6UQVkuj

Score
10/10
njratmybotdiscoveryevasionpersistenceprivilege_escalationtrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

C2

127.0.0.1:1024

Mutex

e6d25ec62cc6fbc9281498d9f9c8064e

Attributes
  • reg_key

    e6d25ec62cc6fbc9281498d9f9c8064e

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      499323c1fbe0b553697c38b0dcbfc580N

    • Size

      31KB

    • MD5

      499323c1fbe0b553697c38b0dcbfc580

    • SHA1

      df4b7ea39f85650d2f394c07e3bb2bdee8db88c7

    • SHA256

      97b66402061027edb113f521c519d31d2797dea981e3ca6b203336a179608cee

    • SHA512

      0ad5d07783a7455ffb915f1dbbf6068b9cf2dde4872f4b55e83ff00e699081a966ac864600f88ddf475a61706e38f040c4bdf7aa3c8a1fd4b08fd2b2e2feadad

    • SSDEEP

      768:AMtJEpBZhjzOzx5+R4s/Hu56HdAbiTinvanQmIDUu0tiQhKj:OD6uukAbiT6UQVkuj

    Score
    10/10
    njratdiscoveryevasionpersistenceprivilege_escalationtrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks