njrat | 9211a20e3c4a6f6fdbdaf69035686349ab47989585bbc9e36b7aa304c805a31a | Triage

Sharing

General

Target

9211a20e3c4a6f6fdbdaf69035686349ab47989585bbc9e36b7aa304c805a31aN
Size

33KB
Sample

240920-q4cv9szara
MD5

0d052a68cf7ca01c710d4ce7ea9dfe30
SHA1

52a482036a75664add6e214e0986c1303a1933eb
SHA256

9211a20e3c4a6f6fdbdaf69035686349ab47989585bbc9e36b7aa304c805a31a
SHA512

f9f995da76828ebc270b5d7c6468cd59647270e0d8e46be1341691fb32abe783982464a6531384780cc22b6ffe0313e7c3141cf2be9cf8f1a6637a569a156b28
SSDEEP

768:VvTnv6kk5ftm4uw4yNUHOj3t+UG78iK1KB/9dZ:tv6kk5ftjuw4y+S9nG4TgBF

Score

10^/10

njrat hacked discovery trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

127.0.0.1:5552

Mutex

Windows Update

Attributes

reg_key
Windows Update
splitter
|'|'|

Targets

- Target
  
  9211a20e3c4a6f6fdbdaf69035686349ab47989585bbc9e36b7aa304c805a31aN
- Size
  
  33KB
- MD5
  
  0d052a68cf7ca01c710d4ce7ea9dfe30
- SHA1
  
  52a482036a75664add6e214e0986c1303a1933eb
- SHA256
  
  9211a20e3c4a6f6fdbdaf69035686349ab47989585bbc9e36b7aa304c805a31a
- SHA512
  
  f9f995da76828ebc270b5d7c6468cd59647270e0d8e46be1341691fb32abe783982464a6531384780cc22b6ffe0313e7c3141cf2be9cf8f1a6637a569a156b28
- SSDEEP
  
  768:VvTnv6kk5ftm4uw4yNUHOj3t+UG78iK1KB/9dZ:tv6kk5ftjuw4y+S9nG4TgBF
Score

10^/10

njrat hacked discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njrathacked discoverytrojan

behavioral2

njrathacked trojan