njrat | cfa55c786466707fd1f1e89e3592860d69891f11872f1e7ceb19ab7ef2eeb82b | Triage

Sharing

General

Target

feedb910c6707a8a213d867a19c3a8f9_JaffaCakes118
Size

707KB
Sample

240929-t3zv7a1gnk
MD5

feedb910c6707a8a213d867a19c3a8f9
SHA1

8b98833d908b009f05afa687686b91f90b9102fc
SHA256

cfa55c786466707fd1f1e89e3592860d69891f11872f1e7ceb19ab7ef2eeb82b
SHA512

1cbcb233c32b231df860c75a4fa76a594062c70cc8720e7f75dac005f54303158c9161babb40b4a607e1f8526599ca29411f55bedc470a062fb6b112c4967103
SSDEEP

12288:T3pzVHgopJkemMSNaNyVyreJTPnt8NIu5P/ohxzQe18OLRX3YZc6RbHn:dz9gopFmMSNagUGTPnt8Nx5Yhx9ltsX

Score

10^/10

njrat discovery trojan

Malware Config

Targets

- Target
  
  feedb910c6707a8a213d867a19c3a8f9_JaffaCakes118
- Size
  
  707KB
- MD5
  
  feedb910c6707a8a213d867a19c3a8f9
- SHA1
  
  8b98833d908b009f05afa687686b91f90b9102fc
- SHA256
  
  cfa55c786466707fd1f1e89e3592860d69891f11872f1e7ceb19ab7ef2eeb82b
- SHA512
  
  1cbcb233c32b231df860c75a4fa76a594062c70cc8720e7f75dac005f54303158c9161babb40b4a607e1f8526599ca29411f55bedc470a062fb6b112c4967103
- SSDEEP
  
  12288:T3pzVHgopJkemMSNaNyVyreJTPnt8NIu5P/ohxzQe18OLRX3YZc6RbHn:dz9gopFmMSNagUGTPnt8Nx5Yhx9ltsX
Score

10^/10

njrat discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdiscoverytrojan

behavioral2

njratdiscoverytrojan