njrat | 530d2f0345b4e64d7a15fce3c91ddd6f8b6122dc66fbf479bf20368d933c40c6 | Triage

Sharing

General

Target

530d2f0345b4e64d7a15fce3c91ddd6f8b6122dc66fbf479bf20368d933c40c6.exe
Size

32KB
Sample

240927-ye9spsycpc
MD5

4e849388a7a2c30669ffbff2977a8035
SHA1

bd52f72063ebc657f603b6730b9056f4b5e3ffae
SHA256

530d2f0345b4e64d7a15fce3c91ddd6f8b6122dc66fbf479bf20368d933c40c6
SHA512

aff6405eb43a45be438da4594d9901752f307c91ff6894125e2ae76237e2fedf7e74c37e78cbbbad65c51969ff7dfd643f9d6a8379b506ba28d2ec18b5edaec9
SSDEEP

384:Jl3kcQnkUoSsJGG5ZfB3yIwt4U3Qu0/7FTgPtTFAqzmhzsSi+:JWcQneSwP5ZRs4U3Ce4zsi

Score

10^/10

njrat b hat discovery trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

B HAT

Mutex

f3318e1003a844fb916db49e16afe376

Attributes

reg_key
f3318e1003a844fb916db49e16afe376
splitter
|'|'|

Targets

- Target
  
  530d2f0345b4e64d7a15fce3c91ddd6f8b6122dc66fbf479bf20368d933c40c6.exe
- Size
  
  32KB
- MD5
  
  4e849388a7a2c30669ffbff2977a8035
- SHA1
  
  bd52f72063ebc657f603b6730b9056f4b5e3ffae
- SHA256
  
  530d2f0345b4e64d7a15fce3c91ddd6f8b6122dc66fbf479bf20368d933c40c6
- SHA512
  
  aff6405eb43a45be438da4594d9901752f307c91ff6894125e2ae76237e2fedf7e74c37e78cbbbad65c51969ff7dfd643f9d6a8379b506ba28d2ec18b5edaec9
- SSDEEP
  
  384:Jl3kcQnkUoSsJGG5ZfB3yIwt4U3Qu0/7FTgPtTFAqzmhzsSi+:JWcQneSwP5ZRs4U3Ce4zsi
Score

10^/10

njrat discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdiscoverytrojan

behavioral2

njratdiscoverytrojan