njrat | 4ef0744fc089e39d5df8f87ba7ff0822a7573e4d2959aed85fab1f571994ba37 | Triage

Sharing

General

Target

e014e3dd1674edf3b9207978593dfe2c_JaffaCakes118
Size

69KB
Sample

240914-ng72sa1hqg
MD5

e014e3dd1674edf3b9207978593dfe2c
SHA1

d525686ccef30620e2cd022a4131668b40061b07
SHA256

4ef0744fc089e39d5df8f87ba7ff0822a7573e4d2959aed85fab1f571994ba37
SHA512

de69af436af5e251f30d731ce0461cdd840a5cde6a02ce43e1055b3dfb01c67fb04960e7aef5c9efec107029b86c7f82bb4e32d4e0fedc01d2d4fa312216ed69
SSDEEP

768:ksTfAiBOTUzGXMonQuiikFXb/o9PVE2y6Ox4714Vc:zMiBORBeikRolVE2A47z

Score

10^/10

njrat b hat discovery trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

B HAT

Mutex

59fc68913a114f1f97d5af6749ad3f0e

Attributes

reg_key
59fc68913a114f1f97d5af6749ad3f0e
splitter
|'|'|

Targets

- Target
  
  e014e3dd1674edf3b9207978593dfe2c_JaffaCakes118
- Size
  
  69KB
- MD5
  
  e014e3dd1674edf3b9207978593dfe2c
- SHA1
  
  d525686ccef30620e2cd022a4131668b40061b07
- SHA256
  
  4ef0744fc089e39d5df8f87ba7ff0822a7573e4d2959aed85fab1f571994ba37
- SHA512
  
  de69af436af5e251f30d731ce0461cdd840a5cde6a02ce43e1055b3dfb01c67fb04960e7aef5c9efec107029b86c7f82bb4e32d4e0fedc01d2d4fa312216ed69
- SSDEEP
  
  768:ksTfAiBOTUzGXMonQuiikFXb/o9PVE2y6Ox4714Vc:zMiBORBeikRolVE2A47z
Score

10^/10

njrat b hat discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratb hatdiscoverytrojan

behavioral2

njratb hatdiscoverytrojan