njrat | 940bed21e0749f10a7f5cc39535a43f6e124d8b54bdfe84ff96bf6c41c1b7de4 | Triage

Submit
Reports

Overview

overview

Static

static

3

NgDBXb2Ifxxw.exe

windows7-x64

NgDBXb2Ifxxw.exe

windows10-2004-x64

Sharing

General

Target

NgDBXb2Ifxxw.exe
Size

508KB
Sample

241003-s4g64ashkl
MD5

f644d38b419969bb1042d123796f8740
SHA1

ebbf86ed2cb7ef875f3a19950a39a22d99651ca9
SHA256

940bed21e0749f10a7f5cc39535a43f6e124d8b54bdfe84ff96bf6c41c1b7de4
SHA512

d2869301e5807f0a1eca4361e26f72cd80fed0d03c6c4faf3cd01f830d09039839cfca235c3f59637d071051175ddfa68c57d5306f88d80df6ce7f6c158a8520
SSDEEP

12288:0h1Lk70TnvjckQ/nwcdstBhJN3igQOy5bZaZjIzRXGxH+iDfupIj:Qk70TrcF/wcOn3i3Oy5l6jINWciD2pIj

Score

10^/10

njrat soft discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

NgDBXb2Ifxxw.exe

Resource

win7-20240729-en

njrat soft discovery trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

NgDBXb2Ifxxw.exe

Resource

win10v2004-20240802-en

njrat soft discovery trojan

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

SOFT

C2

45.84.227.157:5012

Mutex

0ec846a435bf91138081ad39491b85bb

Attributes

reg_key
0ec846a435bf91138081ad39491b85bb
splitter
|'|'|

Targets

- Target
  
  NgDBXb2Ifxxw.exe
- Size
  
  508KB
- MD5
  
  f644d38b419969bb1042d123796f8740
- SHA1
  
  ebbf86ed2cb7ef875f3a19950a39a22d99651ca9
- SHA256
  
  940bed21e0749f10a7f5cc39535a43f6e124d8b54bdfe84ff96bf6c41c1b7de4
- SHA512
  
  d2869301e5807f0a1eca4361e26f72cd80fed0d03c6c4faf3cd01f830d09039839cfca235c3f59637d071051175ddfa68c57d5306f88d80df6ce7f6c158a8520
- SSDEEP
  
  12288:0h1Lk70TnvjckQ/nwcdstBhJN3igQOy5bZaZjIzRXGxH+iDfupIj:Qk70TrcF/wcOn3i3Oy5l6jINWciD2pIj
Score

10^/10

njrat soft discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- .NET Reactor proctector
  Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratsoftdiscoverytrojan

behavioral2

njratsoftdiscoverytrojan

© 2018-2024

Terms | Privacy