njrat | 05fb1f2607fc07650bfef4d68b96e311b21425eabaa9fa8eb5ff0f2274828a36 | Triage

Sharing

General

Target

JaffaCakes118_377179f58983528698d54d187d813393
Size

538KB
Sample

241231-z5jjwaslan
MD5

377179f58983528698d54d187d813393
SHA1

0f0e1ca715a02e97f6d4569367ea41527cee9712
SHA256

05fb1f2607fc07650bfef4d68b96e311b21425eabaa9fa8eb5ff0f2274828a36
SHA512

c8533bb44d0a30f19df4376f64983e0c50201b4281a7f571c6dda1164188562441848d9f5847b66b232d6e142a35b695d175bbe64ee29125b512ba1f5718bbd9
SSDEEP

12288:bTgWEaBhNkj2ayhxt8uQ3TUORQh5HSZqc+:F

Score

10^/10

njrat trojan

Malware Config

Extracted

Family

njrat

C2

206.123.129.13:1911

Mutex

95768135b1

Attributes

reg_key
95768135b1
splitter
@!#&^%$

Targets

- Target
  
  JaffaCakes118_377179f58983528698d54d187d813393
- Size
  
  538KB
- MD5
  
  377179f58983528698d54d187d813393
- SHA1
  
  0f0e1ca715a02e97f6d4569367ea41527cee9712
- SHA256
  
  05fb1f2607fc07650bfef4d68b96e311b21425eabaa9fa8eb5ff0f2274828a36
- SHA512
  
  c8533bb44d0a30f19df4376f64983e0c50201b4281a7f571c6dda1164188562441848d9f5847b66b232d6e142a35b695d175bbe64ee29125b512ba1f5718bbd9
- SSDEEP
  
  12288:bTgWEaBhNkj2ayhxt8uQ3TUORQh5HSZqc+:F
Score

10^/10

njrat trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2