njrat | 24f04493d4565127c4423f157af0d5c49d9190dbdb33852ad1c134448c079731 | Triage

Sharing

General

Target

d708a35e2dc3ebb2d5da511e41e60384_JaffaCakes118
Size

81KB
Sample

240909-y4wblszenf
MD5

d708a35e2dc3ebb2d5da511e41e60384
SHA1

777dcce8f7f870f4cad2454430eafb87f51b6847
SHA256

24f04493d4565127c4423f157af0d5c49d9190dbdb33852ad1c134448c079731
SHA512

7feaa33b519a1c9f8b11d00f6e88ceaacef8d45472b0c7e634ebf2b73c5b3e3985addad8d9269f84457b9f7c5fa6cf6330938f23e6060e66eb2308fbfe3b63d2
SSDEEP

768:Vp9iJdlAzIteFz8Iyf3QvyA4ViTPmxw6NL25pmGCIpLz1Qcm2JnZE2S:VpAhmyA4VGuwtIzkAL

Score

10^/10

njrat hacked discovery trojan

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

194.127.179.222:999

Mutex

3620d52ff4607cbdd63b509df0128e7f

Attributes

reg_key
3620d52ff4607cbdd63b509df0128e7f
splitter
|'|'|

Targets

- Target
  
  d708a35e2dc3ebb2d5da511e41e60384_JaffaCakes118
- Size
  
  81KB
- MD5
  
  d708a35e2dc3ebb2d5da511e41e60384
- SHA1
  
  777dcce8f7f870f4cad2454430eafb87f51b6847
- SHA256
  
  24f04493d4565127c4423f157af0d5c49d9190dbdb33852ad1c134448c079731
- SHA512
  
  7feaa33b519a1c9f8b11d00f6e88ceaacef8d45472b0c7e634ebf2b73c5b3e3985addad8d9269f84457b9f7c5fa6cf6330938f23e6060e66eb2308fbfe3b63d2
- SSDEEP
  
  768:Vp9iJdlAzIteFz8Iyf3QvyA4ViTPmxw6NL25pmGCIpLz1Qcm2JnZE2S:VpAhmyA4VGuwtIzkAL
Score

10^/10

njrat hacked discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njrathackeddiscoverytrojan

behavioral2

njrathackeddiscoverytrojan