njrat | 43deb5f75dff83f92d2202d243429fb5ab11ce76d37910f285852bb21720c84f | Triage

Sharing

General

Target

43deb5f75dff83f92d2202d243429fb5ab11ce76d37910f285852bb21720c84f
Size

283KB
Sample

241118-y6twkavfjp
MD5

457e6dde9b9a222f13926dbcf569c0a3
SHA1

d692b9400d7bbe5747eca83a523c5aecc60bd8f7
SHA256

43deb5f75dff83f92d2202d243429fb5ab11ce76d37910f285852bb21720c84f
SHA512

76a23947a006acd09d3e4e1485948c287411d57e55eefbfb53e68a8fc5d21ed2c91611a365ba7f346d3acb3e8e625bd2c594c81d5130ebe9696e666c0e903796
SSDEEP

6144:i/PXWcpLConxOeKELQyBbMRubcv03Vu8pzhDPTK5pqt55:m/oZdebMw4L8b/

Score

10^/10

njrat hacked evasion persistence privilege_escalation trojan

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

21.ip.gl.ply.gg:20595

Mutex

9f12e06941670e24a2101c40e47643c3

Attributes

reg_key
9f12e06941670e24a2101c40e47643c3
splitter
|'|'|

Targets

- Target
  
  43deb5f75dff83f92d2202d243429fb5ab11ce76d37910f285852bb21720c84f
- Size
  
  283KB
- MD5
  
  457e6dde9b9a222f13926dbcf569c0a3
- SHA1
  
  d692b9400d7bbe5747eca83a523c5aecc60bd8f7
- SHA256
  
  43deb5f75dff83f92d2202d243429fb5ab11ce76d37910f285852bb21720c84f
- SHA512
  
  76a23947a006acd09d3e4e1485948c287411d57e55eefbfb53e68a8fc5d21ed2c91611a365ba7f346d3acb3e8e625bd2c594c81d5130ebe9696e666c0e903796
- SSDEEP
  
  6144:i/PXWcpLConxOeKELQyBbMRubcv03Vu8pzhDPTK5pqt55:m/oZdebMw4L8b/
Score

10^/10

njrat hacked evasion persistence privilege_escalation trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njrathackedevasionpersistenceprivilege_escalationtrojan

behavioral2

njrathackedevasionpersistenceprivilege_escalationtrojan