njrat | 4c041045f935948daa3fa5501705e1119581b34192f3c82dd3474b0e6d2fb934 | Triage

Sharing

General

Target

1ea0ce92a9671c932d4839291da7d91b.bin
Size

12KB
Sample

241109-bg88matfnd
MD5

05e0fdeca31073137595a9d026cab3b2
SHA1

093953eaa9d8de04d0b0461fc9b67c2f16b35982
SHA256

4c041045f935948daa3fa5501705e1119581b34192f3c82dd3474b0e6d2fb934
SHA512

f7e3ecf05d845aa55b8f43c4aac8b4711e95bfa15895fd661d2a67e9c2e9250e1b73af007b2e4ee389f712e3b81f408f200961bb652e1c0c4f985f9a80458bd3
SSDEEP

384:kf7YCQIb+5sxxTtUNuBwV5T0zNIdq+CzB+iCFfuL2BG:kfzQIbMsxZ60qV10oq+4pwuYG

Score

10^/10

njrat discovery persistence trojan

Malware Config

Targets

- Target
  
  09f6b7cdce51c287cd7e6b996b89b548827d9e6960a4ac3c24ce8572bb6f2aac.exe
- Size
  
  26KB
- MD5
  
  1ea0ce92a9671c932d4839291da7d91b
- SHA1
  
  25eaa42e77e876df66961a3b7360936acd3b941f
- SHA256
  
  09f6b7cdce51c287cd7e6b996b89b548827d9e6960a4ac3c24ce8572bb6f2aac
- SHA512
  
  a349bd4fd3c6db3df8b960b06aeba81613c03c2a39d3a428ada73a10054ac3a68ffae23860d333151abedaf577445a7ca6eaff5ad018b4d5cf74573827acf655
- SSDEEP
  
  384:wLduTaZIVi/dMkt1cpDkjetHzCYe/QBY2OzRLTm3yilqr6YqbdtVvGf:um0IVi/dMc1uT5e/WsX0VvGf
Score

10^/10

njrat discovery persistence trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdiscoverypersistencetrojan

behavioral2

njratdiscoverypersistencetrojan