njrat | c244bb2feb841188f383f4f5c0c2f5b6544808168f2f2ceaadf3eaefeeecd669 | Triage

Sharing

General

Target

c244bb2feb841188f383f4f5c0c2f5b6544808168f2f2ceaadf3eaefeeecd669.exe
Size

63KB
Sample

250107-rerhsswmal
MD5

77d4c97adec12a2bc31e14482231036d
SHA1

ec2082e39537ff8633585faf03a510264eb14b69
SHA256

c244bb2feb841188f383f4f5c0c2f5b6544808168f2f2ceaadf3eaefeeecd669
SHA512

90d15de3d731912c60ba38b390807063b77df75a0a0442f9072b951794b5c4217c8b7601dbf8a905bac9ea53e734015957c2c347cb7f35a9848f73179dbc3ba5
SSDEEP

1536:G3GNisbcrQ3KXyV+LKhpadsNbRPLN8GQhTUVYC3EWz:bN0r3XyamrNdPR8GcYEWz

Score

10^/10

njrat mourad discovery trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Mourad

C2

halimoullah.no-ip.org:1234

Mutex

0e38f0c0b1d3bb006f8fbc6faf254716

Attributes

reg_key
0e38f0c0b1d3bb006f8fbc6faf254716
splitter
|'|'|

Targets

- Target
  
  c244bb2feb841188f383f4f5c0c2f5b6544808168f2f2ceaadf3eaefeeecd669.exe
- Size
  
  63KB
- MD5
  
  77d4c97adec12a2bc31e14482231036d
- SHA1
  
  ec2082e39537ff8633585faf03a510264eb14b69
- SHA256
  
  c244bb2feb841188f383f4f5c0c2f5b6544808168f2f2ceaadf3eaefeeecd669
- SHA512
  
  90d15de3d731912c60ba38b390807063b77df75a0a0442f9072b951794b5c4217c8b7601dbf8a905bac9ea53e734015957c2c347cb7f35a9848f73179dbc3ba5
- SSDEEP
  
  1536:G3GNisbcrQ3KXyV+LKhpadsNbRPLN8GQhTUVYC3EWz:bN0r3XyamrNdPR8GcYEWz
Score

10^/10

njrat mourad discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratmouraddiscoverytrojan

behavioral2

njratmouraddiscoverytrojan