njrat | hxxps://mega[.]nz/file/aFB1VA4R#-_5zCZjiLTQw_mhuJwHgJvTLXAU9oexEG7LXQWYj1Do | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

https://mega.nz/file...

windows10-2004-x64

Sharing

General

Target

https://mega.nz/file/aFB1VA4R#-_5zCZjiLTQw_mhuJwHgJvTLXAU9oexEG7LXQWYj1Do
Sample

241224-eradts1mgv

Score

10^/10

njrat victim discovery trojan

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://mega.nz/file/aFB1VA4R#-_5zCZjiLTQw_mhuJwHgJvTLXAU9oexEG7LXQWYj1Do

Resource

win10v2004-20241007-en

njrat victim discovery trojan

windows10-2004-x64

16 signatures

150 seconds

Malware Config

Extracted

Family

njrat

Version

0.7d | By Brontok

Botnet

Victim

C2

spk.accesscam.org:55554

Mutex

m9o1ocabbaxon9ndffebx7uutlcl49nl

Attributes

reg_key
m9o1ocabbaxon9ndffebx7uutlcl49nl
splitter
|'|'|

Targets

- Target
  
  https://mega.nz/file/aFB1VA4R#-_5zCZjiLTQw_mhuJwHgJvTLXAU9oexEG7LXQWYj1Do
Score

10^/10

njrat victim discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

njratvictimdiscoverytrojan

© 2018-2024

Terms | Privacy