njrat | 666c44645a47d99f05a04b4a277c3dcf75872dea4142207af0228f74f118f22b | Triage

Sharing

General

Target

f2c711289008701593dcb3e02e461ca9_JaffaCakes118
Size

69KB
Sample

240923-v4yj7aybph
MD5

f2c711289008701593dcb3e02e461ca9
SHA1

b3b01f026825a4d85345bd4afb4cea5d117fc7b3
SHA256

666c44645a47d99f05a04b4a277c3dcf75872dea4142207af0228f74f118f22b
SHA512

5995c618bb97a279971d52054b6052b9b4248fe0b88b45a8493bb8df9948e13cdf12d8172fa9c38f8b21c09350b9ddc803c9556caa48cc5a3b2a09c1167863d0
SSDEEP

768:BBTfAiBOTUzGXMonQuiikFXb/o9PVE2y6Ox47149:TMiBORBeikRolVE2A47g

Score

10^/10

njrat b hat discovery trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

B HAT

Mutex

59fc68913a114f1f97d5af6749ad3f0e

Attributes

reg_key
59fc68913a114f1f97d5af6749ad3f0e
splitter
|'|'|

Targets

- Target
  
  f2c711289008701593dcb3e02e461ca9_JaffaCakes118
- Size
  
  69KB
- MD5
  
  f2c711289008701593dcb3e02e461ca9
- SHA1
  
  b3b01f026825a4d85345bd4afb4cea5d117fc7b3
- SHA256
  
  666c44645a47d99f05a04b4a277c3dcf75872dea4142207af0228f74f118f22b
- SHA512
  
  5995c618bb97a279971d52054b6052b9b4248fe0b88b45a8493bb8df9948e13cdf12d8172fa9c38f8b21c09350b9ddc803c9556caa48cc5a3b2a09c1167863d0
- SSDEEP
  
  768:BBTfAiBOTUzGXMonQuiikFXb/o9PVE2y6Ox47149:TMiBORBeikRolVE2A47g
Score

10^/10

njrat b hat discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratb hatdiscoverytrojan

behavioral2

njratb hatdiscoverytrojan