njrat | 06c3f944b727c87972f9d56fea68a60f1af29b0e0c22277b5e41b99c8de09b69 | Triage

Sharing

General

Target

06c3f944b727c87972f9d56fea68a60f1af29b0e0c22277b5e41b99c8de09b69
Size

556KB
Sample

241125-m98ncatndv
MD5

1dc99b41c1208984206d0772b185f048
SHA1

de93c338c7e8972c06f8baa85b7f32280590b40f
SHA256

06c3f944b727c87972f9d56fea68a60f1af29b0e0c22277b5e41b99c8de09b69
SHA512

daac4683972ae6e2e2b1dbc491d91161ae01e03a159448cd06e61ddaa1a2fa11220b5e45f7bea3cdbe2ec85bb688c953c62618aba84ef16412f2acd2e2f27502
SSDEEP

6144:LT8x80a46mjAEaJ/aMQvFYZ0V5UWHiOBoqEBBHIcagKWsdLe3ZWKrvpNX3EsLK1Y:s5a46mjFcQ00HFCkKBcLemsLK1QJ4e

Score

10^/10

njrat steam discovery trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

steam

C2

193.186.4.155:5136

Mutex

765ae8a70251ab6ea2a97fb80e3cfb11

Attributes

reg_key
765ae8a70251ab6ea2a97fb80e3cfb11
splitter
|'|'|

Targets

- Target
  
  06c3f944b727c87972f9d56fea68a60f1af29b0e0c22277b5e41b99c8de09b69
- Size
  
  556KB
- MD5
  
  1dc99b41c1208984206d0772b185f048
- SHA1
  
  de93c338c7e8972c06f8baa85b7f32280590b40f
- SHA256
  
  06c3f944b727c87972f9d56fea68a60f1af29b0e0c22277b5e41b99c8de09b69
- SHA512
  
  daac4683972ae6e2e2b1dbc491d91161ae01e03a159448cd06e61ddaa1a2fa11220b5e45f7bea3cdbe2ec85bb688c953c62618aba84ef16412f2acd2e2f27502
- SSDEEP
  
  6144:LT8x80a46mjAEaJ/aMQvFYZ0V5UWHiOBoqEBBHIcagKWsdLe3ZWKrvpNX3EsLK1Y:s5a46mjFcQ00HFCkKBcLemsLK1QJ4e
Score

10^/10

njrat steam discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratsteamdiscoverytrojan

behavioral2