njrat | 82d733b553b60375f3ca4638c917849eb7aa91453b85eed27b44f13752976671 | Triage

Sharing

General

Target

fa6a082e1bcbc15ddab17b3116c2d0e7_JaffaCakes118
Size

31KB
Sample

240927-pq3n4asfpk
MD5

fa6a082e1bcbc15ddab17b3116c2d0e7
SHA1

e66e3bcaa1a390a260820734f7a49996a8915d92
SHA256

82d733b553b60375f3ca4638c917849eb7aa91453b85eed27b44f13752976671
SHA512

813895eaf3c063ea505f980c4345af4fd5e9ac23c579097625ee8407ce2c344858eb52ef0e369635cd07f764c23821e9b3f603988eb8331bd27bcdfd74fcd937
SSDEEP

768:6bYlCtb1uszxH63WE2n3AvFvSIQmIDUu0tiFkj:rCzhwJvQVknj

Score

10^/10

njrat minecraftlauncher discovery evasion persistence privilege_escalation trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MinecraftLauncher

C2

188.35.131.223:7777

Mutex

bb0f1073535838a2e4d08fd598e27db3

Attributes

reg_key
bb0f1073535838a2e4d08fd598e27db3
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  fa6a082e1bcbc15ddab17b3116c2d0e7_JaffaCakes118
- Size
  
  31KB
- MD5
  
  fa6a082e1bcbc15ddab17b3116c2d0e7
- SHA1
  
  e66e3bcaa1a390a260820734f7a49996a8915d92
- SHA256
  
  82d733b553b60375f3ca4638c917849eb7aa91453b85eed27b44f13752976671
- SHA512
  
  813895eaf3c063ea505f980c4345af4fd5e9ac23c579097625ee8407ce2c344858eb52ef0e369635cd07f764c23821e9b3f603988eb8331bd27bcdfd74fcd937
- SSDEEP
  
  768:6bYlCtb1uszxH63WE2n3AvFvSIQmIDUu0tiFkj:rCzhwJvQVknj
Score

10^/10

njrat discovery evasion persistence privilege_escalation trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

minecraftlaunchernjrat

behavioral1

njratdiscoveryevasionpersistenceprivilege_escalationtrojan

behavioral2

njratdiscoveryevasionpersistenceprivilege_escalationtrojan