njrat | 56cb9a9aba2aa8d2ffa070fc15524cc0d4cb4b971cfd4f2c5fd089f18a9159bf | Triage

Sharing

General

Target

spam_discord.exe
Size

33KB
Sample

241110-js9mjawkfm
MD5

ae8f6efb07eca4eddd606257a09db80d
SHA1

1aec86f9a257129e92328cc499788ef9d634dbfd
SHA256

56cb9a9aba2aa8d2ffa070fc15524cc0d4cb4b971cfd4f2c5fd089f18a9159bf
SHA512

05e0baa914947c9ac8cd29dcc7f374e4935167ee8a1c60ddf894a799bd9d7d7d0ae266e4ca64b06e5bf0411a36b558be1942763e349580c9929079a51d59c3a4
SSDEEP

768:VvTRf6qjU4X10zbvQX0O7yOCPijnXkWebNiPVSRiR:tRf6qjV1Qbv60O75CKjkWUG4y

Score

10^/10

njrat hacked discovery trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

127.0.0.1:5552

Mutex

Windows Update

Attributes

reg_key
Windows Update
splitter
|'|'|

Targets

- Target
  
  spam_discord.exe
- Size
  
  33KB
- MD5
  
  ae8f6efb07eca4eddd606257a09db80d
- SHA1
  
  1aec86f9a257129e92328cc499788ef9d634dbfd
- SHA256
  
  56cb9a9aba2aa8d2ffa070fc15524cc0d4cb4b971cfd4f2c5fd089f18a9159bf
- SHA512
  
  05e0baa914947c9ac8cd29dcc7f374e4935167ee8a1c60ddf894a799bd9d7d7d0ae266e4ca64b06e5bf0411a36b558be1942763e349580c9929079a51d59c3a4
- SSDEEP
  
  768:VvTRf6qjU4X10zbvQX0O7yOCPijnXkWebNiPVSRiR:tRf6qjV1Qbv60O75CKjkWUG4y
Score

10^/10

njrat hacked discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njrathacked discoverytrojan

behavioral2

njrathacked trojan