njrat | 5df04e479ea8af49820ccd533240a0ee750bb6dcce6ca864f2e3bcd0c03104ff | Triage

Sharing

General

Target

svClient.exe
Size

23KB
Sample

241119-ejx5xs1bjp
MD5

ff1cdc6cc1dd1811ba8bcfe8ff959248
SHA1

3079eef789f30dba934bb732424a68410759e8b6
SHA256

5df04e479ea8af49820ccd533240a0ee750bb6dcce6ca864f2e3bcd0c03104ff
SHA512

686dc368f3c18e756d67231163547944f68efa2cb37e66470f8762ba0ca13c27d4130fe984418c14743d45bcd7e8256c57ddd0d9d050793111b170c8151da04f
SSDEEP

384:L0jeCIYTNQZUuQnJXJeCXlwhPQ6DgDOwBHhdmRvR6JZlbw8hqIusZzZttuJy:Y3jNAU/ZVXMRpcnuquQ

Score

10^/10

njrat hacked discovery

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

maximum-blame.gl.at.ply.gg:60000

Mutex

3688fb7716958cb73bc079332aca2d72

Attributes

reg_key
3688fb7716958cb73bc079332aca2d72
splitter
|'|'|

Targets

- Target
  
  svClient.exe
- Size
  
  23KB
- MD5
  
  ff1cdc6cc1dd1811ba8bcfe8ff959248
- SHA1
  
  3079eef789f30dba934bb732424a68410759e8b6
- SHA256
  
  5df04e479ea8af49820ccd533240a0ee750bb6dcce6ca864f2e3bcd0c03104ff
- SHA512
  
  686dc368f3c18e756d67231163547944f68efa2cb37e66470f8762ba0ca13c27d4130fe984418c14743d45bcd7e8256c57ddd0d9d050793111b170c8151da04f
- SSDEEP
  
  384:L0jeCIYTNQZUuQnJXJeCXlwhPQ6DgDOwBHhdmRvR6JZlbw8hqIusZzZttuJy:Y3jNAU/ZVXMRpcnuquQ
Score

3^/10

discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1