njrat | d3e51ad37e0d393e0d8df006b425138d4eb4cc4d4846e577237daf166be926a5 | Triage

Sharing

General

Target

d3e51ad37e0d393e0d8df006b425138d4eb4cc4d4846e577237daf166be926a5
Size

55KB
Sample

250114-lblkgstphz
MD5

7625416e1980deba8c4013e86bf6c9a9
SHA1

903a716e98b00ce4f4e339de05dd0281e86a3133
SHA256

d3e51ad37e0d393e0d8df006b425138d4eb4cc4d4846e577237daf166be926a5
SHA512

4981163d5f01d7c73ff958b948c2ff43a4149b8ebeb5d9df67bf66b0c90887d8a980fbd512a20128732db5ff8c0a1279c0ae63b675ddb4b6f95ce5e98ee66ab1
SSDEEP

1536:y1gcDnAvNtki5pKD6iwsNMDlXExI3pmAm:VcDnA9vKD6iwsNMDlXExI3pm

Score

10^/10

njrat victim discovery trojan

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Victim

C2

127.0.0.1:10675 :10676

Mutex

09b08cd18c97e1ec31f12c9159e6b777

Attributes

reg_key
09b08cd18c97e1ec31f12c9159e6b777
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  d3e51ad37e0d393e0d8df006b425138d4eb4cc4d4846e577237daf166be926a5
- Size
  
  55KB
- MD5
  
  7625416e1980deba8c4013e86bf6c9a9
- SHA1
  
  903a716e98b00ce4f4e339de05dd0281e86a3133
- SHA256
  
  d3e51ad37e0d393e0d8df006b425138d4eb4cc4d4846e577237daf166be926a5
- SHA512
  
  4981163d5f01d7c73ff958b948c2ff43a4149b8ebeb5d9df67bf66b0c90887d8a980fbd512a20128732db5ff8c0a1279c0ae63b675ddb4b6f95ce5e98ee66ab1
- SSDEEP
  
  1536:y1gcDnAvNtki5pKD6iwsNMDlXExI3pmAm:VcDnA9vKD6iwsNMDlXExI3pm
Score

10^/10

njrat discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdiscoverytrojan

behavioral2

njratdiscoverytrojan