njrat | f224346929620555fc8ffea8a7814cccd5073434c3607583e4e87414cb599352 | Triage

Sharing

General

Target

spofrln.exe
Size

37KB
Sample

250103-nrpyystral
MD5

fdf0546d58297a6e51596876a12239b8
SHA1

e3a107f3f5a3d42548a1be0e8a23fc24206f70e5
SHA256

f224346929620555fc8ffea8a7814cccd5073434c3607583e4e87414cb599352
SHA512

56ab06704bb457c332afb7ea0703c826c1bf94dcc83912d8478d9b81d67e7e3eaffe25ba8883df39fb9ee3c0b0644b87cd0970274a6fc1717fa620af9e9deac7
SSDEEP

768:pulv2NWtkr+kJruz5irrM+rMRa8Nujp8t:kluNWiqk1u80+gRJNq

Score

10^/10

njrat ktx discovery trojan

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

ktx

C2

kartoxamc.ga:4726

Mutex

9bce47647dc8a6718dc5325121b298da

Attributes

reg_key
9bce47647dc8a6718dc5325121b298da
splitter
|'|'|

Targets

- Target
  
  spofrln.exe
- Size
  
  37KB
- MD5
  
  fdf0546d58297a6e51596876a12239b8
- SHA1
  
  e3a107f3f5a3d42548a1be0e8a23fc24206f70e5
- SHA256
  
  f224346929620555fc8ffea8a7814cccd5073434c3607583e4e87414cb599352
- SHA512
  
  56ab06704bb457c332afb7ea0703c826c1bf94dcc83912d8478d9b81d67e7e3eaffe25ba8883df39fb9ee3c0b0644b87cd0970274a6fc1717fa620af9e9deac7
- SSDEEP
  
  768:pulv2NWtkr+kJruz5irrM+rMRa8Nujp8t:kluNWiqk1u80+gRJNq
Score

10^/10

njrat ktx discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratktxdiscoverytrojan

behavioral2