General

  • Target

    Payload.exe

  • Size

    55KB

  • Sample

    241003-jrbzwaweme

  • MD5

    22083c1737572d5008554502d5fa6472

  • SHA1

    0215475841738e2d3f2047724fc7aef260eff79b

  • SHA256

    b265e60e06bda29421a137a1758790c82f7a45becc3fd645138ab6bc6894f4e4

  • SHA512

    820182ce48e4cba18590d530a569f281d4d2a269ffe8939c3a5aef9a925c2775cda29df62a8cb8c82889cfa580e89a227ff24d7ee3f25a539bab19906a492762

  • SSDEEP

    768:ywbHFOt1MankGn2NsW6ingB3wkkSN5mwFvfu0YMDHPsXL7XJSxI3pmDm:ywZcDn4NsRinqtDAwsNMD6XExI3pmDm

Malware Config

Extracted

  • Family

    njrat

  • Version

    <- NjRAT 0.7d Horror Edition ->

  • Botnet

    Victim

  • C2

    florida-institutions.gl.at.ply.gg:1213

  • Mutex

    a77bd20bbea714a3ca718e997d8bd60b

Attributes
  • reg_key

    a77bd20bbea714a3ca718e997d8bd60b

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      Payload.exe

    Score
    10/10
    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Drops desktop.ini file(s)
