njrat | fb731ca97406ae6dc235b69e8bca0d87e79f5e0a1c52f9e91f1775cea148d054

Resubmissions

12-01-2025 12:12

250112-pdfnss1qgx 10

12-01-2025 11:45

250112-nw4mxatlap 10

Sharing

Copy URL

Twitter E-mail

General

Target

Payload.exe
Size

55KB
Sample

250112-nw4mxatlap
MD5

a7b46a226d3b4e86c6d4700ed5dee333
SHA1

dfeaea8cbe59a1ec831aa288a1fc33639e8a7dd1
SHA256

fb731ca97406ae6dc235b69e8bca0d87e79f5e0a1c52f9e91f1775cea148d054
SHA512

3902246cba977c7dd4d74aad34a50af3250b51efe92f4010a060a3715ac3ff895a31481d18d311a1f3db5d1d248589d58a41e65d9768a95b9bb8031cab270026
SSDEEP

1536:ehDT8Dn+QNoB4vZ9Vk7dwmuXKDCwsNMD+XExI3pmgm:yf8Dn+nWTVk7umuXKDCwsNMD+XExI3pm

Score

10^/10

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

F9t family

japanese-cross.gl.at.ply.gg:16828

Mutex

0ecb0ae2cd4872c3a8e9ee19da99e4b8

Attributes

reg_key
0ecb0ae2cd4872c3a8e9ee19da99e4b8
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  Payload.exe
- Size
  
  55KB
- MD5
  
  a7b46a226d3b4e86c6d4700ed5dee333
- SHA1
  
  dfeaea8cbe59a1ec831aa288a1fc33639e8a7dd1
- SHA256
  
  fb731ca97406ae6dc235b69e8bca0d87e79f5e0a1c52f9e91f1775cea148d054
- SHA512
  
  3902246cba977c7dd4d74aad34a50af3250b51efe92f4010a060a3715ac3ff895a31481d18d311a1f3db5d1d248589d58a41e65d9768a95b9bb8031cab270026
- SSDEEP
  
  1536:ehDT8Dn+QNoB4vZ9Vk7dwmuXKDCwsNMD+XExI3pmgm:yf8Dn+nWTVk7umuXKDCwsNMD+XExI3pm
Score

10^/10

njrat discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Njrat family

njRAT/Bladabindi

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2