njrat | ae3ef2854150dc9e97f7d56b6933491f9cca296b8a8248b2e638d5362f1fc28b | Triage

Sharing

General

Target

JaffaCakes118_ae3ef2854150dc9e97f7d56b6933491f9cca296b8a8248b2e638d5362f1fc28b
Size

166KB
Sample

241230-erbxnaxpen
MD5

43f0afbb1eddf8e688a67c6cf65a7689
SHA1

29ae9717192462c31100f5d7d8db93f5b85382df
SHA256

ae3ef2854150dc9e97f7d56b6933491f9cca296b8a8248b2e638d5362f1fc28b
SHA512

e088452475330832b49fd66e88904deb9e36aa09041608831eff410f9e31f4bc3ba4749d49f492124480e10f79d85c20acce2d20a4831ae4a676985bf3bb83a0
SSDEEP

3072:IXFdMW/N1r5sFU8z2WePmVZ+6cfLbTg0Z4REC+RBs9CbVtg02:uFdirz2Wl+pLSyX7ssbA

Score

10^/10

njrat discovery

Malware Config

Targets

- Target
  
  JaffaCakes118_ae3ef2854150dc9e97f7d56b6933491f9cca296b8a8248b2e638d5362f1fc28b
- Size
  
  166KB
- MD5
  
  43f0afbb1eddf8e688a67c6cf65a7689
- SHA1
  
  29ae9717192462c31100f5d7d8db93f5b85382df
- SHA256
  
  ae3ef2854150dc9e97f7d56b6933491f9cca296b8a8248b2e638d5362f1fc28b
- SHA512
  
  e088452475330832b49fd66e88904deb9e36aa09041608831eff410f9e31f4bc3ba4749d49f492124480e10f79d85c20acce2d20a4831ae4a676985bf3bb83a0
- SSDEEP
  
  3072:IXFdMW/N1r5sFU8z2WePmVZ+6cfLbTg0Z4REC+RBs9CbVtg02:uFdirz2Wl+pLSyX7ssbA
Score

7^/10

discovery
- Drops startup file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2