njrat | f387495a19565298da82fe21ab89a18793055c751557ed1e10145fe07f0d0cd3 | Triage

Sharing

General

Target

System.exe
Size

43KB
Sample

241124-ksww4sspbt
MD5

79883d324ddf30f7c4d20587d9bf1d42
SHA1

3bd4ab4de6cdfa463a5777c55d216fdd31d85d37
SHA256

f387495a19565298da82fe21ab89a18793055c751557ed1e10145fe07f0d0cd3
SHA512

efbd2c828f2e361e6555aebd27e18ca13d82c99d5bd010ba8931901fc2bdd182080232e20f60d3faa138654adf4944541cd914946ca12ce658542db37942ad5d
SSDEEP

384:xZy5n2+Ww9xo1iDc8y2O1kl2thNElAWbDdzmzcIij+ZsNO3PlpJKkkjh/TzF7pWu:jIqU452k06ibmuXQ/o81+Lr

Score

10^/10

njrat hacked discovery trojan

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

hospital-selling.gl.at.ply.gg:4839

Mutex

Bloxstrap Updater

Attributes

reg_key
Bloxstrap Updater
splitter
|Hassan|

Targets

- Target
  
  System.exe
- Size
  
  43KB
- MD5
  
  79883d324ddf30f7c4d20587d9bf1d42
- SHA1
  
  3bd4ab4de6cdfa463a5777c55d216fdd31d85d37
- SHA256
  
  f387495a19565298da82fe21ab89a18793055c751557ed1e10145fe07f0d0cd3
- SHA512
  
  efbd2c828f2e361e6555aebd27e18ca13d82c99d5bd010ba8931901fc2bdd182080232e20f60d3faa138654adf4944541cd914946ca12ce658542db37942ad5d
- SSDEEP
  
  384:xZy5n2+Ww9xo1iDc8y2O1kl2thNElAWbDdzmzcIij+ZsNO3PlpJKkkjh/TzF7pWu:jIqU452k06ibmuXQ/o81+Lr
Score

10^/10

njrat hacked discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njrathackeddiscoverytrojan