General

  • Target

    ef66e195b16d21be098863d08ef732915df47835b42b7641a7fc915f690b508eN

  • Size

    23KB

  • Sample

    241004-tex2pashrq

  • MD5

    c57af69431740be4a691d5d749265c90

  • SHA1

    1dcf40896ee9a465a9408a58f2e8896fe55fa3ee

  • SHA256

    ef66e195b16d21be098863d08ef732915df47835b42b7641a7fc915f690b508e

  • SHA512

    d861c392677e6b044109093db58562cb5c73a8eefc52ed978cae927a64291c49aea7bbafe2b3afa6426d75c49172f1651fe639a04afe45daa07759612948cae8

  • SSDEEP

    384:f+n2650N3qZbATcjRGC5Eo9D46BgnqUhay19mRvR6JZlbw8hqIusZzZ2Fg:4m+71d5bRpcnuu

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

voldemort1997.ddns.net:5553

Mutex

46c8cfd2eb014511308b7d227d6dd2df

Attributes
  • reg_key

    46c8cfd2eb014511308b7d227d6dd2df

  • splitter

    |'|'|

Targets

    • njRAT/Bladabindi

      Widely used RAT written in .NET.
