njrat | d4505f8faf56e0ff680a7c13e9b2dfde5ef091352a2754cc059d6c95b1ed764a | Triage

Sharing

General

Target

JaffaCakes118_776bc344558e17c4f79a52eefd4af350
Size

63KB
Sample

250104-eaks8szkhx
MD5

776bc344558e17c4f79a52eefd4af350
SHA1

a4da5e693c29bf35b96543e37142d8b53dd11c19
SHA256

d4505f8faf56e0ff680a7c13e9b2dfde5ef091352a2754cc059d6c95b1ed764a
SHA512

5f8e3b5408226b8bc02f7ecfa815f703be044123ea88ce0fc40fa600d376b1fe67e7a05d7b43c5d5b16c0652a28c8bfaa12194295368ee11bc607bac7fc54efb
SSDEEP

1536:G3GNisbcrQ3KXyV+LKhpadsNbRPLN8GQhTUVYC3EW:bN0r3XyamrNdPR8GcYEW

Score

10^/10

njrat mourad discovery trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Mourad

C2

halimoullah.no-ip.org:1234

Mutex

0e38f0c0b1d3bb006f8fbc6faf254716

Attributes

reg_key
0e38f0c0b1d3bb006f8fbc6faf254716
splitter
|'|'|

Targets

- Target
  
  JaffaCakes118_776bc344558e17c4f79a52eefd4af350
- Size
  
  63KB
- MD5
  
  776bc344558e17c4f79a52eefd4af350
- SHA1
  
  a4da5e693c29bf35b96543e37142d8b53dd11c19
- SHA256
  
  d4505f8faf56e0ff680a7c13e9b2dfde5ef091352a2754cc059d6c95b1ed764a
- SHA512
  
  5f8e3b5408226b8bc02f7ecfa815f703be044123ea88ce0fc40fa600d376b1fe67e7a05d7b43c5d5b16c0652a28c8bfaa12194295368ee11bc607bac7fc54efb
- SSDEEP
  
  1536:G3GNisbcrQ3KXyV+LKhpadsNbRPLN8GQhTUVYC3EW:bN0r3XyamrNdPR8GcYEW
Score

10^/10

njrat mourad discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratmouraddiscoverytrojan

behavioral2

njratmouraddiscoverytrojan