njrat | 5cc4f99c6cd10641418d477ae8d07796f76577a374f0757b7c797ac098b34fba | Triage

Sharing

General

Target

5cc4f99c6cd10641418d477ae8d07796f76577a374f0757b7c797ac098b34fbaN
Size

23KB
Sample

240921-cm348szgnd
MD5

72ef8f275cfd89e04bfa69f8fefafe40
SHA1

c3c1fc5fc6e90c071030e48b9ef1a76f4c1c9c24
SHA256

5cc4f99c6cd10641418d477ae8d07796f76577a374f0757b7c797ac098b34fba
SHA512

c24a62c7c611e71b0ea102333a7db3bafb3782d6a9ce21ba351dc2c247ad66bcc3877297ef9b1689f2004711a3f7116e896581505af8ffcbf0135104a1676b22
SSDEEP

384:C0jeCIYTNQZUuQnJXJeCXlwhPQ6VgDOwBHhdmRvR6JZlbw8hqIusZzZbOJy:93jNAU/ZVX6RpcnuJQ

Score

10^/10

njrat mybot discovery evasion persistence privilege_escalation trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

C2

individual-katrina.gl.at.ply.gg:26471

Mutex

c99dcd0d75865d22b4542d4ecd22f864

Attributes

reg_key
c99dcd0d75865d22b4542d4ecd22f864
splitter
|'|'|

Targets

- Target
  
  5cc4f99c6cd10641418d477ae8d07796f76577a374f0757b7c797ac098b34fbaN
- Size
  
  23KB
- MD5
  
  72ef8f275cfd89e04bfa69f8fefafe40
- SHA1
  
  c3c1fc5fc6e90c071030e48b9ef1a76f4c1c9c24
- SHA256
  
  5cc4f99c6cd10641418d477ae8d07796f76577a374f0757b7c797ac098b34fba
- SHA512
  
  c24a62c7c611e71b0ea102333a7db3bafb3782d6a9ce21ba351dc2c247ad66bcc3877297ef9b1689f2004711a3f7116e896581505af8ffcbf0135104a1676b22
- SSDEEP
  
  384:C0jeCIYTNQZUuQnJXJeCXlwhPQ6VgDOwBHhdmRvR6JZlbw8hqIusZzZbOJy:93jNAU/ZVX6RpcnuJQ
Score

10^/10

njrat discovery evasion persistence privilege_escalation trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdiscoveryevasionpersistenceprivilege_escalationtrojan

behavioral2

njratdiscoveryevasionpersistenceprivilege_escalationtrojan