Overview

overview

10

Static

static

10

23007b1e86...18.exe

windows7-x64

10

23007b1e86...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    23007b1e86824e04c385e14dec908838_JaffaCakes118

  • Size

    31KB

  • Sample

    241008-wgmpvaycmr

  • MD5

    23007b1e86824e04c385e14dec908838

  • SHA1

    a5a94d35a8794ef65e570165100180b7d2ec4180

  • SHA256

    6dae0642e50865b6bedabde1b5603f134f9c49fb6ca658dc007a7659c8f7fc3e

  • SHA512

    24f9e988930ef5ed17321954e2e726c41e06152200812c9c66cbeaabccde20614980688081c4f65a776948eb14bde5f1833ec1a43358a414aea780c06c6eff0a

  • SSDEEP

    768:K9SB69DdxkzxP6bg0aG3NQNvCPQmIDUu0tiQOj:/qqG7iwQVkWj

Score
10/10
njratmybotdiscoveryevasionpersistenceprivilege_escalationtrojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

C2

176.117.192.116:6522

Mutex

db5e0f9b50d89780847ace0bd3b8e41f

Attributes
  • reg_key

    db5e0f9b50d89780847ace0bd3b8e41f

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      23007b1e86824e04c385e14dec908838_JaffaCakes118

    • Size

      31KB

    • MD5

      23007b1e86824e04c385e14dec908838

    • SHA1

      a5a94d35a8794ef65e570165100180b7d2ec4180

    • SHA256

      6dae0642e50865b6bedabde1b5603f134f9c49fb6ca658dc007a7659c8f7fc3e

    • SHA512

      24f9e988930ef5ed17321954e2e726c41e06152200812c9c66cbeaabccde20614980688081c4f65a776948eb14bde5f1833ec1a43358a414aea780c06c6eff0a

    • SSDEEP

      768:K9SB69DdxkzxP6bg0aG3NQNvCPQmIDUu0tiQOj:/qqG7iwQVkWj

    Score
    10/10
    njratdiscoveryevasionpersistenceprivilege_escalationtrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks