njrat | 4a3f69c2613f4a514b1c904f7e019990d68718fbfdbb6ffe2896c50489ea5814

Target

4a3f69c2613f4a514b1c904f7e019990d68718fbfdbb6ffe2896c50489ea5814.exe
Size

22KB
Sample

240928-mcp5qssgma
MD5

ee653dcd9ed87ec3319c0f443c8a54df
SHA1

63a45f8da331e303a8ae7e93df190a4443a13b57
SHA256

4a3f69c2613f4a514b1c904f7e019990d68718fbfdbb6ffe2896c50489ea5814
SHA512

e9cd28d1f6d4d9ddff7943021e3795489941f419aabd649b378d5d0992316751c5418068983b5d26feb6178c2ace2c12dded94839d1f70c6e59682c26562f5e2
SSDEEP

384:IsqS+ER6vRKXGYKRWVSujUtX9w6Dglo61Z5DVmRvR6JZlbw8hqIusZzZSZQ:/f65K2Yf1jKRpcnupQ

Score

10^/10

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

client

akamaru.ddns.net:1605

Mutex

aa15bd929c7132fe8f63fd4d0ae48d6c

Attributes

reg_key
aa15bd929c7132fe8f63fd4d0ae48d6c
splitter
|'|'|

Targets

- Target
  
  4a3f69c2613f4a514b1c904f7e019990d68718fbfdbb6ffe2896c50489ea5814.exe
- Size
  
  22KB
- MD5
  
  ee653dcd9ed87ec3319c0f443c8a54df
- SHA1
  
  63a45f8da331e303a8ae7e93df190a4443a13b57
- SHA256
  
  4a3f69c2613f4a514b1c904f7e019990d68718fbfdbb6ffe2896c50489ea5814
- SHA512
  
  e9cd28d1f6d4d9ddff7943021e3795489941f419aabd649b378d5d0992316751c5418068983b5d26feb6178c2ace2c12dded94839d1f70c6e59682c26562f5e2
- SSDEEP
  
  384:IsqS+ER6vRKXGYKRWVSujUtX9w6Dglo61Z5DVmRvR6JZlbw8hqIusZzZSZQ:/f65K2Yf1jKRpcnupQ
Score

10^/10

njrat client discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

njRAT/Bladabindi

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2