njrat | 11e72b48e71d4a5aaa3f571a689ee617cd6060916a2fadf4e9492c7bd5cf6493 | Triage

Sharing

General

Target

e3d7a8a871160f0161e860716766a66e_JaffaCakes118
Size

707KB
Sample

240916-cws1mavdrk
MD5

e3d7a8a871160f0161e860716766a66e
SHA1

e687eb1959b0312ae8dd93e9fa5b423b30b6ee29
SHA256

11e72b48e71d4a5aaa3f571a689ee617cd6060916a2fadf4e9492c7bd5cf6493
SHA512

4d680b6133735253fb7c4146ed5ad1ce29c03c6eac9e4bc5960350da5d5d401451d5c3360e9668559b4ebfb18c378c655639a1ed21f67c0e5d8f19a6a053874b
SSDEEP

12288:F3pzVHgopJkemMSNaNyVyreJTPnt8NIu5P/ohxzQe18OLRX3YZc6RbHn:7z9gopFmMSNagUGTPnt8Nx5Yhx9ltsX

Score

10^/10

njrat discovery trojan

Malware Config

Targets

- Target
  
  e3d7a8a871160f0161e860716766a66e_JaffaCakes118
- Size
  
  707KB
- MD5
  
  e3d7a8a871160f0161e860716766a66e
- SHA1
  
  e687eb1959b0312ae8dd93e9fa5b423b30b6ee29
- SHA256
  
  11e72b48e71d4a5aaa3f571a689ee617cd6060916a2fadf4e9492c7bd5cf6493
- SHA512
  
  4d680b6133735253fb7c4146ed5ad1ce29c03c6eac9e4bc5960350da5d5d401451d5c3360e9668559b4ebfb18c378c655639a1ed21f67c0e5d8f19a6a053874b
- SSDEEP
  
  12288:F3pzVHgopJkemMSNaNyVyreJTPnt8NIu5P/ohxzQe18OLRX3YZc6RbHn:7z9gopFmMSNagUGTPnt8Nx5Yhx9ltsX
Score

10^/10

njrat discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdiscoverytrojan

behavioral2

njratdiscoverytrojan