njrat | e1b2b8b4e639ee0b1af5e499992074928ab0814477ccef7d1b6fb3f598154052 | Triage

Sharing

General

Target

e1b2b8b4e639ee0b1af5e499992074928ab0814477ccef7d1b6fb3f598154052N.exe
Size

23KB
Sample

241231-wnzyravkgm
MD5

c0896eab08c4745b28bf236dafee9410
SHA1

d07c2c94974dcb4a1ddbf21f772a276bc2f1f3a2
SHA256

e1b2b8b4e639ee0b1af5e499992074928ab0814477ccef7d1b6fb3f598154052
SHA512

c0cbe75f2748067581f9ed00d6aa53bf59a3c18a9cc0a92229358b0a8a07118ea85168b21c46a4f5187f613427bb3852900c85569f829eab5de3c40b61eb07a0
SSDEEP

384:xT2x0W3qZN2ATtRGCfCo9D46BgnqUhL19mRvR6JZlbw8hqIusZzZ9Uu:uh+rdflRpcnuO

Score

10^/10

njrat hacked by lokn

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HaCkEd bY LoKn

C2

customers-edmonton.gl.at.ply.gg:28608

Mutex

5a0e6576524fad771bccf79eb40f7eca

Attributes

reg_key
5a0e6576524fad771bccf79eb40f7eca
splitter
|'|'|

Targets

- Target
  
  e1b2b8b4e639ee0b1af5e499992074928ab0814477ccef7d1b6fb3f598154052N.exe
- Size
  
  23KB
- MD5
  
  c0896eab08c4745b28bf236dafee9410
- SHA1
  
  d07c2c94974dcb4a1ddbf21f772a276bc2f1f3a2
- SHA256
  
  e1b2b8b4e639ee0b1af5e499992074928ab0814477ccef7d1b6fb3f598154052
- SHA512
  
  c0cbe75f2748067581f9ed00d6aa53bf59a3c18a9cc0a92229358b0a8a07118ea85168b21c46a4f5187f613427bb3852900c85569f829eab5de3c40b61eb07a0
- SSDEEP
  
  384:xT2x0W3qZN2ATtRGCfCo9D46BgnqUhL19mRvR6JZlbw8hqIusZzZ9Uu:uh+rdflRpcnuO
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

hacked by loknnjrat

behavioral1

behavioral2