njrat | c8e9bfca5c5b5121f675033f8ca05e88442910f3132549307619e21b6e0dd498

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
12-10-2024 03:09

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c8e9bfca5c5b5121f675033f8ca05e88442910f3132549307619e21b6e0dd498N.exe
Size

450KB
MD5

0cdcfd0f2e00569e5383c30523c795a0
SHA1

95f92c2c1a7b4b7feea5845869fbd677b58d3fea
SHA256

c8e9bfca5c5b5121f675033f8ca05e88442910f3132549307619e21b6e0dd498
SHA512

8d704fbe2b970746bbc804f8a6ec712c57fe45b177316945a6be08767066de6a7761569dce6f0a0b8651fa4bd38696b918ee7b2971b86364628ba1b7cd2208ea
SSDEEP

12288:bImkStbLBTfYH6eFUIKH8gZ7QIy/1FR1s5MpbNewd3wo:rJYLE80MN

Score

10^/10

njrat trojan

Malware Config

Signatures

njRAT/Bladabindi
Widely used RAT written in .NET.
trojan njrat

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2360 wrote to memory of 2180	2360	c8e9bfca5c5b5121f675033f8ca05e88442910f3132549307619e21b6e0dd498N.exe	31
PID 2360 wrote to memory of 2180	2360	c8e9bfca5c5b5121f675033f8ca05e88442910f3132549307619e21b6e0dd498N.exe	31
PID 2360 wrote to memory of 2180	2360	c8e9bfca5c5b5121f675033f8ca05e88442910f3132549307619e21b6e0dd498N.exe	31

C:\Users\Admin\AppData\Local\Temp\c8e9bfca5c5b5121f675033f8ca05e88442910f3132549307619e21b6e0dd498N.exe
"C:\Users\Admin\AppData\Local\Temp\c8e9bfca5c5b5121f675033f8ca05e88442910f3132549307619e21b6e0dd498N.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2360
- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dw20.exe
  dw20.exe -x -s 396
  2⤵
  PID:2180

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2180-281-0x0000000000260000-0x0000000000261000-memory.dmp

Filesize
4KB

Download
memory/2360-46-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-1-0x0000000000520000-0x0000000000552000-memory.dmp

Filesize
200KB

Download
memory/2360-3-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-44-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-8-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-20-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-36-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-52-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-66-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-64-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-62-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-60-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-58-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-56-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-54-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-50-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-48-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-0-0x000007FEF600E000-0x000007FEF600F000-memory.dmp

Filesize
4KB

Download
memory/2360-4-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-2-0x000007FEF5D50000-0x000007FEF66ED000-memory.dmp

Filesize
9.6MB

Download
memory/2360-38-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-40-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-34-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-32-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-30-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-28-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-26-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-24-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-22-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-18-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-16-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-14-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-12-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-10-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-6-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-42-0x0000000000520000-0x000000000054A000-memory.dmp

Filesize
168KB

Download
memory/2360-282-0x000007FEF5D50000-0x000007FEF66ED000-memory.dmp

Filesize
9.6MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads