njrat | e04472ae9698bdd154f51e10f33e3aa79f5c71fcec3018d273fa56816ceba173 | Triage

Resubmissions

12-01-2025 11:38

250112-nr1epatjgk 10

Sharing

General

Target

WindowsApp1.exe
Size

291KB
Sample

250112-nr1epatjgk
MD5

3693bc9a8fd8f0156d259498aa1b942a
SHA1

2815628498375d5b9bb07b1ab0a0980cda1a1c29
SHA256

e04472ae9698bdd154f51e10f33e3aa79f5c71fcec3018d273fa56816ceba173
SHA512

04b568d100016aef533af800f92d7e1bfdf3ee3b8231e6bf5320b1a07ddf3121346b83f11134c9c49bedd73ea5e3f5b43e60dff162823d1ddcb4401992bcb11a
SSDEEP

6144:DlSYn8vdBsVuxdlq4VWYPAWzpqErWqdDQy81hecyKEPAE4s:DuoVwHvAapqEa31hecyCX

Score

10^/10

njrat fucked by kev discovery trojan

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

fucked by kev

C2

japanese-cross.gl.at.ply.gg:16828

Mutex

11f854de8c8a1529a4c6e63081a55988

Attributes

reg_key
11f854de8c8a1529a4c6e63081a55988
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  WindowsApp1.exe
- Size
  
  291KB
- MD5
  
  3693bc9a8fd8f0156d259498aa1b942a
- SHA1
  
  2815628498375d5b9bb07b1ab0a0980cda1a1c29
- SHA256
  
  e04472ae9698bdd154f51e10f33e3aa79f5c71fcec3018d273fa56816ceba173
- SHA512
  
  04b568d100016aef533af800f92d7e1bfdf3ee3b8231e6bf5320b1a07ddf3121346b83f11134c9c49bedd73ea5e3f5b43e60dff162823d1ddcb4401992bcb11a
- SSDEEP
  
  6144:DlSYn8vdBsVuxdlq4VWYPAWzpqErWqdDQy81hecyKEPAE4s:DuoVwHvAapqEa31hecyCX
Score

10^/10

njrat fucked by kev discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratfucked by kev discoverytrojan

behavioral2

njratdiscoverytrojan