Overview

overview

10

Static

static

10

aae62bf7f5...6N.exe

windows7-x64

8

aae62bf7f5...6N.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aae62bf7f504dd192f5952a39345ea068acc2baab56e5b7a0a8d220918a07d16N.exe

  • Size

    93KB

  • Sample

    241201-x72r5azjb1

  • MD5

    1ada61599bc8148f9c2e9f872c23cc90

  • SHA1

    29cf599bd635c27258abefd808129dcbc9b29cd6

  • SHA256

    aae62bf7f504dd192f5952a39345ea068acc2baab56e5b7a0a8d220918a07d16

  • SHA512

    497856a9be3b87e43a6ffcafe3958e67ed15cc9956212ab5e47fe50eb68b95ca11bc28a1bb32934f7be49012e01c297a83f1fd9bd7ba255741ccbf94e2ca7779

  • SSDEEP

    1536:PUk1GkeUqZJO5iNSimjEwzGi1dDaDngS:PUPUqZJOQAOi1dMg

Score
10/10
njrathackeddiscoveryevasionpersistenceprivilege_escalation

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

hakim32.ddns.net:2000

94.140.244.222:56981
Mutex

12a6980bbc3e8583e225df29f90c66b9

Attributes
  • reg_key

    12a6980bbc3e8583e225df29f90c66b9

  • splitter

    |'|'|

Targets

    • Target

      aae62bf7f504dd192f5952a39345ea068acc2baab56e5b7a0a8d220918a07d16N.exe

    • Size

      93KB

    • MD5

      1ada61599bc8148f9c2e9f872c23cc90

    • SHA1

      29cf599bd635c27258abefd808129dcbc9b29cd6

    • SHA256

      aae62bf7f504dd192f5952a39345ea068acc2baab56e5b7a0a8d220918a07d16

    • SHA512

      497856a9be3b87e43a6ffcafe3958e67ed15cc9956212ab5e47fe50eb68b95ca11bc28a1bb32934f7be49012e01c297a83f1fd9bd7ba255741ccbf94e2ca7779

    • SSDEEP

      1536:PUk1GkeUqZJO5iNSimjEwzGi1dDaDngS:PUPUqZJOQAOi1dMg

    Score
    8/10
    discoveryevasionpersistenceprivilege_escalation
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks