njrat | d41d01815c6069b8b00bf76af27255bde4a42ad7da41ff37b7687246dcef4121 | Triage

Resubmissions

27-11-2024 08:07

241127-jzzqxa1rem 10

27-11-2024 08:00

241127-jv7wqavlh1 10

Sharing

General

Target

KiwiXV2.zip
Size

1.9MB
Sample

241127-jzzqxa1rem
MD5

4092079f655b2c1f998485a1be4d95ff
SHA1

ed2cd59eca0acc4f76673929200e1501f580e54d
SHA256

d41d01815c6069b8b00bf76af27255bde4a42ad7da41ff37b7687246dcef4121
SHA512

fa7bf35152c9144a6306a44409583b1590ec74eac51e6191b8533a9105efb1246685b0b142b8d52bc161d65867e274cf3a3782b6f1cd3ab2a6bf432de29ffbdc
SSDEEP

49152:ckFEIeK74h3OdesV3tvdc3WUUxTGFfe8gwO:2IeK76Wesi3WLgFe86

Score

10^/10

njrat negr12341 discovery

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

Negr12341

C2

5.39.43.50:7137

Mutex

4c2c2aa09d1de2ca95775b0e6edad78e

Attributes

reg_key
4c2c2aa09d1de2ca95775b0e6edad78e
splitter
|'|'|

Targets

- Target
  
  KiwiXV2.zip
- Size
  
  1.9MB
- MD5
  
  4092079f655b2c1f998485a1be4d95ff
- SHA1
  
  ed2cd59eca0acc4f76673929200e1501f580e54d
- SHA256
  
  d41d01815c6069b8b00bf76af27255bde4a42ad7da41ff37b7687246dcef4121
- SHA512
  
  fa7bf35152c9144a6306a44409583b1590ec74eac51e6191b8533a9105efb1246685b0b142b8d52bc161d65867e274cf3a3782b6f1cd3ab2a6bf432de29ffbdc
- SSDEEP
  
  49152:ckFEIeK74h3OdesV3tvdc3WUUxTGFfe8gwO:2IeK76Wesi3WLgFe86
Score

7^/10

discovery
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1