General

  • Target

    68727ada30812394a13441b47a85f70c.exe

  • Size

    31KB

  • Sample

    240928-qphg7sxhlp

  • MD5

    68727ada30812394a13441b47a85f70c

  • SHA1

    88df82dfc945d8972e43fa338b40c2a001884e61

  • SHA256

    6f881e1052c12c0f98f059f796602945b01a359c8d6154eb0e731dd6309a5f93

  • SHA512

    6175b203d266e6ab6954cc3237525ba7cafa49235ba88432c031717bbaa5f335174cac916f1525c60ab974182e8c389cbc0c6dfdfba37a8be809b095983b00fd

  • SSDEEP

    768:UrhO5b13hdwzxLy3os0O/dMRvCnQmIDUu0tiFFKj:mcZ6eh6gQVkXj

Malware Config

Extracted

  • Family

    njrat

  • Version

    0.7d

  • Botnet

    Test

  • C2

    45.84.199.218:1604

  • Mutex

    6a92a61ab784903efa726baa74e277ab

  • Attributes

    • reg_key

      6a92a61ab784903efa726baa74e277ab

    • splitter

      Y262SUCZ4UJJ

Targets

    • Target

      68727ada30812394a13441b47a85f70c.exe

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Modifies Windows Firewall
