njrat | 391d3357c3e07d6444f6cd189f68d748c52444c30d3dd68282c50acf62e5db72 | Triage

Submit
Reports

Overview

overview

Static

static

3

c4a07f7612...de.exe

windows7-x64

c4a07f7612...de.exe

windows10-2004-x64

Sharing

General

Target

c4a07f7612b822a1c6e6879ba5dcc5de.exe
Size

209KB
Sample

250102-k8eb1avpay
MD5

c4a07f7612b822a1c6e6879ba5dcc5de
SHA1

09d44c896d14e7df8d8da0d938235ee33c9b2281
SHA256

391d3357c3e07d6444f6cd189f68d748c52444c30d3dd68282c50acf62e5db72
SHA512

27c07202d83ac4593e1f734480f735e2b4d02bac4646211756eb852267aff8c1acbe974161c93ac6baf1981ad669b5a30f4d320bc26f4f1d1e71b2ed1dc90058
SSDEEP

3072:rR2EJHNNObrQy5y6GrEHBAnpK37nX9840BQ5f74tyJhcMKNFhHF+bs5iRXr:124NMbrQy7L8c0Fpgs5iJ

Score

10^/10

njrat byabolhb trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c4a07f7612b822a1c6e6879ba5dcc5de.exe

Resource

win7-20240729-en

njrat byabolhb trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

c4a07f7612b822a1c6e6879ba5dcc5de.exe

Resource

win10v2004-20241007-en

njrat byabolhb trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

ByABOLHB

C2

abolhb.com:505

Mutex

165d6ed988ac

Attributes

reg_key
165d6ed988ac
splitter
|'|'|

Targets

- Target
  
  c4a07f7612b822a1c6e6879ba5dcc5de.exe
- Size
  
  209KB
- MD5
  
  c4a07f7612b822a1c6e6879ba5dcc5de
- SHA1
  
  09d44c896d14e7df8d8da0d938235ee33c9b2281
- SHA256
  
  391d3357c3e07d6444f6cd189f68d748c52444c30d3dd68282c50acf62e5db72
- SHA512
  
  27c07202d83ac4593e1f734480f735e2b4d02bac4646211756eb852267aff8c1acbe974161c93ac6baf1981ad669b5a30f4d320bc26f4f1d1e71b2ed1dc90058
- SSDEEP
  
  3072:rR2EJHNNObrQy5y6GrEHBAnpK37nX9840BQ5f74tyJhcMKNFhHF+bs5iRXr:124NMbrQy7L8c0Fpgs5iJ
Score

10^/10

njrat byabolhb trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratbyabolhbtrojan

behavioral2

njratbyabolhbtrojan

© 2018-2025

Terms | Privacy