Overview

overview

10

Static

static

3

3b96f1bd64...19.exe

windows7-x64

10

3b96f1bd64...19.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3b96f1bd64bdc06dd9d1e790c4c4d319.exe

  • Size

    123KB

  • Sample

    240925-bxc55azdkd

  • MD5

    3b96f1bd64bdc06dd9d1e790c4c4d319

  • SHA1

    939424a3d6cb083a4123a2792d2dd0ee8b1c69e3

  • SHA256

    68d0c220c70ba7753fc2b1e11f3a8cc5e0d46574cbcb22326419370e3075026a

  • SHA512

    65bad018b1ed8ccdc33b36a273d4ad299a3a9b7c6d3fb7469a9b1c6e4110a969b48d8a6ddf86f7f87c87270c9b0b8d58d4537dbdd8c50ff5b517b504d1d867f3

  • SSDEEP

    3072:kjWw3BnrDSTZYUjfxbN4OqVF9mJ+7/WNGrHFNJnS8eZ0Jij6:kTnCTp5JOsJM/lrlNh

Score
10/10
njrathackedevasionpersistenceprivilege_escalationtrojan

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

19.ip.gl.ply.gg:42443

Mutex

c1f77453d4f3d154f8c1eedb0473faf9

Attributes
  • reg_key

    c1f77453d4f3d154f8c1eedb0473faf9

  • splitter

    |'|'|

Targets

    • Target

      3b96f1bd64bdc06dd9d1e790c4c4d319.exe

    • Size

      123KB

    • MD5

      3b96f1bd64bdc06dd9d1e790c4c4d319

    • SHA1

      939424a3d6cb083a4123a2792d2dd0ee8b1c69e3

    • SHA256

      68d0c220c70ba7753fc2b1e11f3a8cc5e0d46574cbcb22326419370e3075026a

    • SHA512

      65bad018b1ed8ccdc33b36a273d4ad299a3a9b7c6d3fb7469a9b1c6e4110a969b48d8a6ddf86f7f87c87270c9b0b8d58d4537dbdd8c50ff5b517b504d1d867f3

    • SSDEEP

      3072:kjWw3BnrDSTZYUjfxbN4OqVF9mJ+7/WNGrHFNJnS8eZ0Jij6:kTnCTp5JOsJM/lrlNh

    Score
    10/10
    njrathackedevasionpersistenceprivilege_escalationtrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks