njrat | 87124ba55c45642f67890b15ffd1bc0e7911bdf8647af2b3eb0e52073353271f | Triage

Sharing

General

Target

f941d4289c21e6869ccc150d0ac16949.exe
Size

31KB
Sample

250102-qg9xgswlcn
MD5

f941d4289c21e6869ccc150d0ac16949
SHA1

e83c6a286a32b1b92d03f93af7c7db1b98577f47
SHA256

87124ba55c45642f67890b15ffd1bc0e7911bdf8647af2b3eb0e52073353271f
SHA512

38da0fc14735c29e8fe395383b06155d658a48668f3f4a3f39e6e9ca5bbcac22a646d4d5e6d2572dacd5a5d05cf84478664954d30bc5dc55d371929e529cfe65
SSDEEP

768:1rhO5b13hdwzxLy3os0O/dMRvCnQmIDUu0tikFj:5cZ6eh6gQVkJj

Score

10^/10

njrat mybot discovery evasion persistence privilege_escalation trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

MyBot

C2

185.65.68.247:6522

Mutex

f09cc1168523e9783d4ea336fffe9971

Attributes

reg_key
f09cc1168523e9783d4ea336fffe9971
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  f941d4289c21e6869ccc150d0ac16949.exe
- Size
  
  31KB
- MD5
  
  f941d4289c21e6869ccc150d0ac16949
- SHA1
  
  e83c6a286a32b1b92d03f93af7c7db1b98577f47
- SHA256
  
  87124ba55c45642f67890b15ffd1bc0e7911bdf8647af2b3eb0e52073353271f
- SHA512
  
  38da0fc14735c29e8fe395383b06155d658a48668f3f4a3f39e6e9ca5bbcac22a646d4d5e6d2572dacd5a5d05cf84478664954d30bc5dc55d371929e529cfe65
- SSDEEP
  
  768:1rhO5b13hdwzxLy3os0O/dMRvCnQmIDUu0tikFj:5cZ6eh6gQVkJj
Score

10^/10

njrat discovery evasion persistence privilege_escalation trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Modifies Windows Firewall
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdiscoveryevasionpersistenceprivilege_escalationtrojan

behavioral2

njratdiscoveryevasionpersistenceprivilege_escalationtrojan