njrat | c7a2ec6110cfa5ae4b53b2b854013459bcdba8fff179bf95e5b707a2e4b98427

General

Target

Server.exe
Size

37KB
Sample

241202-sv8mpavphn
MD5

952ea2d47e241b1a82eeb265457c5644
SHA1

16048d925d1722c3a97bbbd0ab0dc05f169c1af7
SHA256

c7a2ec6110cfa5ae4b53b2b854013459bcdba8fff179bf95e5b707a2e4b98427
SHA512

9001eaa366acab6c0574912215d18d73ee944482a469243a0e40dc340a6523b4ce58ea0ed18f232eac8813477f5918c649353da0abd32c57fc3735721be407ad
SSDEEP

384:Io66MizdTjnBhFbJ8ycP3h3hNwKaB0rAF+rMRTyN/0L+EcoinblneHQM3epzXaNg:36QTlLJfcP3hH9amrM+rMRa8NuQWt

Score

10^/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

cnet-contracting.gl.at.ply.gg:10206

Mutex

3eec6dad022c4e8fee29e905fa2de108

Attributes

reg_key
3eec6dad022c4e8fee29e905fa2de108
splitter
|'|'|

Targets

- Target
  
  Server.exe
- Size
  
  37KB
- MD5
  
  952ea2d47e241b1a82eeb265457c5644
- SHA1
  
  16048d925d1722c3a97bbbd0ab0dc05f169c1af7
- SHA256
  
  c7a2ec6110cfa5ae4b53b2b854013459bcdba8fff179bf95e5b707a2e4b98427
- SHA512
  
  9001eaa366acab6c0574912215d18d73ee944482a469243a0e40dc340a6523b4ce58ea0ed18f232eac8813477f5918c649353da0abd32c57fc3735721be407ad
- SSDEEP
  
  384:Io66MizdTjnBhFbJ8ycP3h3hNwKaB0rAF+rMRTyN/0L+EcoinblneHQM3epzXaNg:36QTlLJfcP3hH9amrM+rMRa8NuQWt
Score

10^/10

njrat hacked discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Njrat family

njRAT/Bladabindi

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2