General

  • Target

    42a0b7f2d60be3ad77e2f17fb80cdb60d6b1eece7cbeefc2ed9042d7a164d579

  • Size

    31KB

  • Sample

    241009-y77h2sxfpe

  • MD5

    6bb3441b68faf311ee9a586fc45b2d0a

  • SHA1

    37c252ed1023e05d55149c8e9442733619914e10

  • SHA256

    42a0b7f2d60be3ad77e2f17fb80cdb60d6b1eece7cbeefc2ed9042d7a164d579

  • SHA512

    49f6907a26d7caaafe902d2cb73ff9af4fb84bb62bb3a31b27aff78e9371287a733b8391ff7516d7cf9d70ce66f2aa07435a1dd5f4b50454f44eedcc07835184

  • SSDEEP

    768:I9yesnuj9REzxv67S1g3NxtvCbQmIDUu0tiaPj:Wsuq2vcQVkRj

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

Mutex

6b3fad4737b03bebfba986615377eba5

Attributes
  • reg_key

    6b3fad4737b03bebfba986615377eba5

  • splitter

    Y262SUCZ4UJJ

Targets

    • Target

      42a0b7f2d60be3ad77e2f17fb80cdb60d6b1eece7cbeefc2ed9042d7a164d579

    • Size

      31KB

    • MD5

      6bb3441b68faf311ee9a586fc45b2d0a

    • SHA1

      37c252ed1023e05d55149c8e9442733619914e10

    • SHA256

      42a0b7f2d60be3ad77e2f17fb80cdb60d6b1eece7cbeefc2ed9042d7a164d579

    • SHA512

      49f6907a26d7caaafe902d2cb73ff9af4fb84bb62bb3a31b27aff78e9371287a733b8391ff7516d7cf9d70ce66f2aa07435a1dd5f4b50454f44eedcc07835184

    • SSDEEP

      768:I9yesnuj9REzxv67S1g3NxtvCbQmIDUu0tiaPj:Wsuq2vcQVkRj

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Modifies Windows Firewall

MITRE ATT&CK Enterprise v15

Tasks