njrat | 84baa90a226d364d74123b8024bacf0f4a830dc84818037b4e8375384fff3f69 | Triage

Sharing

General

Target

84baa90a226d364d74123b8024bacf0f4a830dc84818037b4e8375384fff3f69N
Size

55KB
Sample

241020-edd5vszapj
MD5

be8cd1da6a1058ae99f0719d05812090
SHA1

e87922d7417e674c8bfbf67e8773586614e4855d
SHA256

84baa90a226d364d74123b8024bacf0f4a830dc84818037b4e8375384fff3f69
SHA512

f233f34daf1df3d5b634f717f1d03fdbb2ce67db6aec51cd8bbd48758db686b9f62ca486d2f1b3323d398ea280f932ea39122c2977a62399071323b90d9f2899
SSDEEP

768:rlCPl+t1Man0KI2NO5SioJ3Q8kSN2mwFvfu0YMDHPs2/L7XJSxI3pmDm:rl2sDnXNO5SiKlD7wsNMDfXExI3pmDm

Score

10^/10

njrat victim discovery trojan

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Victim

C2

lyrics-sms.gl.at.ply.gg:19260

Mutex

f41801e34ac5328281785c840e14cb4f

Attributes

reg_key
f41801e34ac5328281785c840e14cb4f
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  84baa90a226d364d74123b8024bacf0f4a830dc84818037b4e8375384fff3f69N
- Size
  
  55KB
- MD5
  
  be8cd1da6a1058ae99f0719d05812090
- SHA1
  
  e87922d7417e674c8bfbf67e8773586614e4855d
- SHA256
  
  84baa90a226d364d74123b8024bacf0f4a830dc84818037b4e8375384fff3f69
- SHA512
  
  f233f34daf1df3d5b634f717f1d03fdbb2ce67db6aec51cd8bbd48758db686b9f62ca486d2f1b3323d398ea280f932ea39122c2977a62399071323b90d9f2899
- SSDEEP
  
  768:rlCPl+t1Man0KI2NO5SioJ3Q8kSN2mwFvfu0YMDHPs2/L7XJSxI3pmDm:rl2sDnXNO5SiKlD7wsNMDfXExI3pmDm
Score

10^/10

njrat discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdiscoverytrojan

behavioral2

njratdiscoverytrojan