njrat | 298d1b2eff82a81a0f04a11c39b6166fcf45439f8e24bfa320587d9e02a72a8e | Triage

Sharing

General

Target

fc7f53497b9287e6f9c48e4d0e81520b_JaffaCakes118
Size

40KB
Sample

240928-rv5qcszhnl
MD5

fc7f53497b9287e6f9c48e4d0e81520b
SHA1

ae779f62c23c34350ff30e61042d7b449eb40762
SHA256

298d1b2eff82a81a0f04a11c39b6166fcf45439f8e24bfa320587d9e02a72a8e
SHA512

03374dcd4b02389b995249bbb37ef006d271aaf5903f232d1e4f0c8888dfbbca765e2ef0ae46d82ae8f6620006a7e7382a02d4f6f38ad90cf8c290b1f9061a46
SSDEEP

768:KpD+Zwq3r1uFbaYh+Jnq7az+xRug+n2hpUE+fDNkQp6HwfCiQLzR:wD+HZuY5q7az+GgDbUfZkQTfCiQLzR

Score

10^/10

njrat b hat discovery trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

B HAT

Mutex

1fcb8fb3a4794ae29f1b8ef01d138a35

Attributes

reg_key
1fcb8fb3a4794ae29f1b8ef01d138a35
splitter
|'|'|

Targets

- Target
  
  fc7f53497b9287e6f9c48e4d0e81520b_JaffaCakes118
- Size
  
  40KB
- MD5
  
  fc7f53497b9287e6f9c48e4d0e81520b
- SHA1
  
  ae779f62c23c34350ff30e61042d7b449eb40762
- SHA256
  
  298d1b2eff82a81a0f04a11c39b6166fcf45439f8e24bfa320587d9e02a72a8e
- SHA512
  
  03374dcd4b02389b995249bbb37ef006d271aaf5903f232d1e4f0c8888dfbbca765e2ef0ae46d82ae8f6620006a7e7382a02d4f6f38ad90cf8c290b1f9061a46
- SSDEEP
  
  768:KpD+Zwq3r1uFbaYh+Jnq7az+xRug+n2hpUE+fDNkQp6HwfCiQLzR:wD+HZuY5q7az+GgDbUfZkQTfCiQLzR
Score

10^/10

njrat b hat discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratb hatdiscoverytrojan

behavioral2

njratb hatdiscoverytrojan