njrat | 10c62678ff57cc56bedfc78fcda402123cf9d3035b167cc0365ae39a9cf65770 | Triage

Sharing

General

Target

Server1.exe
Size

43KB
Sample

241228-gctj9swqcp
MD5

a3e5c581a9e0e9f81bd1e9f0249da970
SHA1

119f70ee6882799b9dae66f2d291e337be03ce02
SHA256

10c62678ff57cc56bedfc78fcda402123cf9d3035b167cc0365ae39a9cf65770
SHA512

f301d900b3d115d2d1c318fc750fcb5020d079ab8a94a211985d097131f17d78c08e1ed20f4f847fc4a2bd09e5ef9bc4448d6d4c01f062384f9119a162b1c163
SSDEEP

384:oZy+Hl9n1iDcsyEqt3ptKwQsElGhOEazcIij+ZsNO3PlpJKkkjh/TzF7pWn5mgra:e99nU4pEqt5tKhohuuXQ/o8C+L

Score

10^/10

njrat hacked discovery trojan

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

127.0.0.1:5552

Mutex

Windows Update

Attributes

reg_key
Windows Update
splitter
|Hassan|

Targets

- Target
  
  Server1.exe
- Size
  
  43KB
- MD5
  
  a3e5c581a9e0e9f81bd1e9f0249da970
- SHA1
  
  119f70ee6882799b9dae66f2d291e337be03ce02
- SHA256
  
  10c62678ff57cc56bedfc78fcda402123cf9d3035b167cc0365ae39a9cf65770
- SHA512
  
  f301d900b3d115d2d1c318fc750fcb5020d079ab8a94a211985d097131f17d78c08e1ed20f4f847fc4a2bd09e5ef9bc4448d6d4c01f062384f9119a162b1c163
- SSDEEP
  
  384:oZy+Hl9n1iDcsyEqt3ptKwQsElGhOEazcIij+ZsNO3PlpJKkkjh/TzF7pWn5mgra:e99nU4pEqt5tKhohuuXQ/o8C+L
Score

10^/10

njrat hacked discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njrathackeddiscoverytrojan

behavioral2

njrathackeddiscoverytrojan