Overview

overview

10

Static

static

10

6d48ccbf40...e2.exe

windows7-x64

8

6d48ccbf40...e2.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6d48ccbf40f5f43149cb69f1659d683fc7eaf5cee527f724a1761e548c1a5fe2.exe

  • Size

    93KB

  • Sample

    240917-bmg2bsyfjb

  • MD5

    1f41f02970cfdce69e628299a96d754d

  • SHA1

    fb04fa7cbe25caccd197dac9af74496e3b513866

  • SHA256

    6d48ccbf40f5f43149cb69f1659d683fc7eaf5cee527f724a1761e548c1a5fe2

  • SHA512

    aeec12de9fdffa33fa7123809c2e67b1a6fa786d7c8db210d622b76ddeb40ae631a1cc370644836618670e976dde42367818ce53097b1760493e63c73fa6ba29

  • SSDEEP

    1536:QxNJD/HBZbszKu9AZp77r1jEwzGi1dDrD7gS:QxUzK4AZtHCi1dr0

Score
10/10
njratcliendiscoveryevasionpersistenceprivilege_escalation

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

clien

C2

hakim32.ddns.net:2000

147.185.221.18:61276
Mutex

f7e6d24b4a113d9753558dfbb032c2ac

Attributes
  • reg_key

    f7e6d24b4a113d9753558dfbb032c2ac

  • splitter

    |'|'|

Targets

    • Target

      6d48ccbf40f5f43149cb69f1659d683fc7eaf5cee527f724a1761e548c1a5fe2.exe

    • Size

      93KB

    • MD5

      1f41f02970cfdce69e628299a96d754d

    • SHA1

      fb04fa7cbe25caccd197dac9af74496e3b513866

    • SHA256

      6d48ccbf40f5f43149cb69f1659d683fc7eaf5cee527f724a1761e548c1a5fe2

    • SHA512

      aeec12de9fdffa33fa7123809c2e67b1a6fa786d7c8db210d622b76ddeb40ae631a1cc370644836618670e976dde42367818ce53097b1760493e63c73fa6ba29

    • SSDEEP

      1536:QxNJD/HBZbszKu9AZp77r1jEwzGi1dDrD7gS:QxUzK4AZtHCi1dr0

    Score
    8/10
    discoveryevasionpersistenceprivilege_escalation
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks