njrat | d336304b2781482a95350fe68bcbb594b53b9f08e8c2d13c8f49950b2fa8a2e0 | Triage

Sharing

General

Target

BootstrapperV.1.18.exe
Size

55KB
Sample

241004-zngnyszfkh
MD5

3bba97d678905285e7aca9e994d2b8db
SHA1

6b6b2919de14e81df87ca77bd07587e1f22ddf4d
SHA256

d336304b2781482a95350fe68bcbb594b53b9f08e8c2d13c8f49950b2fa8a2e0
SHA512

7222e6a6c502aaf6b8793eb8dbd4b44442dbc192038205f587e874724acd2beae4558d05a1846d49682e925f20a1ab88a7fdd4e2484ff8bad67b52dbbf136ae6
SSDEEP

1536:6GLu8DnN8N1+S1Cl/BODtwsNMDqXExI3pmpm:08DnNGcXODtwsNMDqXExI3pm

Score

10^/10

njrat pack discovery trojan

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Pack

C2

gbyvwcn.localto.net:3906

Mutex

d78d7e2855c15bbee7722959f6687d91

Attributes

reg_key
d78d7e2855c15bbee7722959f6687d91
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  BootstrapperV.1.18.exe
- Size
  
  55KB
- MD5
  
  3bba97d678905285e7aca9e994d2b8db
- SHA1
  
  6b6b2919de14e81df87ca77bd07587e1f22ddf4d
- SHA256
  
  d336304b2781482a95350fe68bcbb594b53b9f08e8c2d13c8f49950b2fa8a2e0
- SHA512
  
  7222e6a6c502aaf6b8793eb8dbd4b44442dbc192038205f587e874724acd2beae4558d05a1846d49682e925f20a1ab88a7fdd4e2484ff8bad67b52dbbf136ae6
- SSDEEP
  
  1536:6GLu8DnN8N1+S1Cl/BODtwsNMDqXExI3pmpm:08DnNGcXODtwsNMDqXExI3pm
Score

10^/10

njrat discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdiscoverytrojan