Overview

overview

10

Static

static

3

76618841b8...f6.exe

windows7-x64

10

76618841b8...f6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    76618841b8ca047be4e3985b65b33f284e92446c774df127aa5f584fa38a48f6.exe

  • Size

    123KB

  • Sample

    240926-calpestbpd

  • MD5

    61ae4aea70d5e2c89c5f4c77453a158a

  • SHA1

    be19c1e5f3d36df7b4f1bfd5c88465f7c1f124c4

  • SHA256

    76618841b8ca047be4e3985b65b33f284e92446c774df127aa5f584fa38a48f6

  • SHA512

    f0fa9452a8256e8a4784bcca2518e0b8faefcbbabd4e9bd517a66b820bcecf59da9455c170adce1ded19100baf4ce43e016b78be45a7af883b09cf1f79387a8e

  • SSDEEP

    3072:vqGlYGCqI9Z5JC6wiM+LhwlwqzIwgxBANC:yGDW9ZXCdvdKqzIg

Score
10/10
njrathackedevasionpersistenceprivilege_escalationtrojan

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

19.ip.gl.ply.gg:42443

Mutex

c1f77453d4f3d154f8c1eedb0473faf9

Attributes
  • reg_key

    c1f77453d4f3d154f8c1eedb0473faf9

  • splitter

    |'|'|

Targets

    • Target

      76618841b8ca047be4e3985b65b33f284e92446c774df127aa5f584fa38a48f6.exe

    • Size

      123KB

    • MD5

      61ae4aea70d5e2c89c5f4c77453a158a

    • SHA1

      be19c1e5f3d36df7b4f1bfd5c88465f7c1f124c4

    • SHA256

      76618841b8ca047be4e3985b65b33f284e92446c774df127aa5f584fa38a48f6

    • SHA512

      f0fa9452a8256e8a4784bcca2518e0b8faefcbbabd4e9bd517a66b820bcecf59da9455c170adce1ded19100baf4ce43e016b78be45a7af883b09cf1f79387a8e

    • SSDEEP

      3072:vqGlYGCqI9Z5JC6wiM+LhwlwqzIwgxBANC:yGDW9ZXCdvdKqzIg

    Score
    10/10
    njrathackedevasionpersistenceprivilege_escalationtrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks