Overview

overview

10

Static

static

10

1f8a8f7310...45.exe

windows7-x64

8

1f8a8f7310...45.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1f8a8f7310cd5f1baef41d4fae942e13bf8e68a8bcd2080427c45bd54464eb45

  • Size

    37KB

  • Sample

    241019-xtklpasgpf

  • MD5

    558faf9b4265b9889cfda4fb5f5c8d91

  • SHA1

    432755700f6833291aa470e0cc07d6f0763d78c3

  • SHA256

    1f8a8f7310cd5f1baef41d4fae942e13bf8e68a8bcd2080427c45bd54464eb45

  • SHA512

    274c20e1338f0f23b3b2f064e6cef0a3054b4cabfb2d3e53f2fc69401f82dd04469dc6a3e408f716d96144920facd0c9eb62f3c8f605cae6b94d6ac2f63a1964

  • SSDEEP

    384:IVHZ1j6icnri5Z7JAyk/E4UfXDZeyEyqrAF+rMRTyN/0L+EcoinblneHQM3epzXT:2HfHJ7k/E4UbZrERrM+rMRa8Nu3Drt

Score
10/10
njrat1231othertotaldiscoveryevasionpersistenceprivilege_escalation

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

1231otherTOTAL

C2

test001dz.ddns.net:80

Mutex

58e67120c2fb81de7d7bbabd63c44080

Attributes
  • reg_key

    58e67120c2fb81de7d7bbabd63c44080

  • splitter

    |'|'|

Targets

    • Target

      1f8a8f7310cd5f1baef41d4fae942e13bf8e68a8bcd2080427c45bd54464eb45

    • Size

      37KB

    • MD5

      558faf9b4265b9889cfda4fb5f5c8d91

    • SHA1

      432755700f6833291aa470e0cc07d6f0763d78c3

    • SHA256

      1f8a8f7310cd5f1baef41d4fae942e13bf8e68a8bcd2080427c45bd54464eb45

    • SHA512

      274c20e1338f0f23b3b2f064e6cef0a3054b4cabfb2d3e53f2fc69401f82dd04469dc6a3e408f716d96144920facd0c9eb62f3c8f605cae6b94d6ac2f63a1964

    • SSDEEP

      384:IVHZ1j6icnri5Z7JAyk/E4UfXDZeyEyqrAF+rMRTyN/0L+EcoinblneHQM3epzXT:2HfHJ7k/E4UbZrERrM+rMRa8Nu3Drt

    Score
    8/10
    discoveryevasionpersistenceprivilege_escalation
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks