njrat | 94a9f2fb29d7b3c1db158045ac7c4eb09cdd5fab7e97f90bd399214a5cc4f7f0 | Triage

Sharing

General

Target

94a9f2fb29d7b3c1db158045ac7c4eb09cdd5fab7e97f90bd399214a5cc4f7f0N
Size

55KB
Sample

241101-t555zssfpe
MD5

ae7265a4f6042c5806390ace83d19c10
SHA1

c3f38829f6c6b48077f16b4655bc9204e8ac09ad
SHA256

94a9f2fb29d7b3c1db158045ac7c4eb09cdd5fab7e97f90bd399214a5cc4f7f0
SHA512

666093d381b16dfbedafbe42f255937ee337d445b5077e8d7ef6be2f4ac490c19de12adb5d30f087472e94962534678e5c65eac7992f799cb5214396cd12827f
SSDEEP

768:0ja6lOt1Man8E2N6FikUt34okSN/mwFvfu0YMDHPsCL7XJSxI3pm4m:0j1cDnCN6FikSJDOwsNMDlXExI3pm4m

Score

10^/10

njrat victim discovery

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Victim

C2

hnb12324.ipjetable.net:1333

Mutex

beb9d3b73270d34cc002f7c28f96d413

Attributes

reg_key
beb9d3b73270d34cc002f7c28f96d413
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  94a9f2fb29d7b3c1db158045ac7c4eb09cdd5fab7e97f90bd399214a5cc4f7f0N
- Size
  
  55KB
- MD5
  
  ae7265a4f6042c5806390ace83d19c10
- SHA1
  
  c3f38829f6c6b48077f16b4655bc9204e8ac09ad
- SHA256
  
  94a9f2fb29d7b3c1db158045ac7c4eb09cdd5fab7e97f90bd399214a5cc4f7f0
- SHA512
  
  666093d381b16dfbedafbe42f255937ee337d445b5077e8d7ef6be2f4ac490c19de12adb5d30f087472e94962534678e5c65eac7992f799cb5214396cd12827f
- SSDEEP
  
  768:0ja6lOt1Man8E2N6FikUt34okSN/mwFvfu0YMDHPsCL7XJSxI3pm4m:0j1cDnCN6FikSJDOwsNMDlXExI3pm4m
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2