Overview

overview

10

Static

static

10

fa6a082e1b...18.exe

windows7-x64

10

fa6a082e1b...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa6a082e1bcbc15ddab17b3116c2d0e7_JaffaCakes118

  • Size

    31KB

  • Sample

    240927-pq3n4asfpk

  • MD5

    fa6a082e1bcbc15ddab17b3116c2d0e7

  • SHA1

    e66e3bcaa1a390a260820734f7a49996a8915d92

  • SHA256

    82d733b553b60375f3ca4638c917849eb7aa91453b85eed27b44f13752976671

  • SHA512

    813895eaf3c063ea505f980c4345af4fd5e9ac23c579097625ee8407ce2c344858eb52ef0e369635cd07f764c23821e9b3f603988eb8331bd27bcdfd74fcd937

  • SSDEEP

    768:6bYlCtb1uszxH63WE2n3AvFvSIQmIDUu0tiFkj:rCzhwJvQVknj

Score
10/10
njratminecraftlauncherdiscoveryevasionpersistenceprivilege_escalationtrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MinecraftLauncher

C2

188.35.131.223:7777

Mutex

bb0f1073535838a2e4d08fd598e27db3

Attributes
  • reg_key

    bb0f1073535838a2e4d08fd598e27db3

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      fa6a082e1bcbc15ddab17b3116c2d0e7_JaffaCakes118

    • Size

      31KB

    • MD5

      fa6a082e1bcbc15ddab17b3116c2d0e7

    • SHA1

      e66e3bcaa1a390a260820734f7a49996a8915d92

    • SHA256

      82d733b553b60375f3ca4638c917849eb7aa91453b85eed27b44f13752976671

    • SHA512

      813895eaf3c063ea505f980c4345af4fd5e9ac23c579097625ee8407ce2c344858eb52ef0e369635cd07f764c23821e9b3f603988eb8331bd27bcdfd74fcd937

    • SSDEEP

      768:6bYlCtb1uszxH63WE2n3AvFvSIQmIDUu0tiFkj:rCzhwJvQVknj

    Score
    10/10
    njratdiscoveryevasionpersistenceprivilege_escalationtrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.