njrat | e90374102de59fbaeacd4b4f0712debab611c1bbd4421ac54c436d6ab3d2b50b | Triage

Sharing

General

Target

e90374102de59fbaeacd4b4f0712debab611c1bbd4421ac54c436d6ab3d2b50b
Size

37KB
Sample

250121-jppg7atndt
MD5

e26a00c641bbcab21850f6db3900780a
SHA1

9f492f4fedd969ed6509fff99f55b1b27ed5b757
SHA256

e90374102de59fbaeacd4b4f0712debab611c1bbd4421ac54c436d6ab3d2b50b
SHA512

011a5642fe7cf4631d1f9d0cca0be27a981c64daef7879aa90e7210250efa4af5a1d24ef22d74518b1f1251a000d1a76e76b0152e7e58f222f89ff46b4ae56d2
SSDEEP

768:r9xKjjTYic/be0PMurM+rMRa8NuTPQYt:hojjTYLDe00x+gRJNMo

Score

10^/10

njrat hacked defense_evasion discovery persistence privilege_escalation

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

37.235.55.68:2566

Mutex

b5a23fdb929b89d34552a60c6d38e915

Attributes

reg_key
b5a23fdb929b89d34552a60c6d38e915
splitter
|'|'|

Targets

- Target
  
  e90374102de59fbaeacd4b4f0712debab611c1bbd4421ac54c436d6ab3d2b50b
- Size
  
  37KB
- MD5
  
  e26a00c641bbcab21850f6db3900780a
- SHA1
  
  9f492f4fedd969ed6509fff99f55b1b27ed5b757
- SHA256
  
  e90374102de59fbaeacd4b4f0712debab611c1bbd4421ac54c436d6ab3d2b50b
- SHA512
  
  011a5642fe7cf4631d1f9d0cca0be27a981c64daef7879aa90e7210250efa4af5a1d24ef22d74518b1f1251a000d1a76e76b0152e7e58f222f89ff46b4ae56d2
- SSDEEP
  
  768:r9xKjjTYic/be0PMurM+rMRa8NuTPQYt:hojjTYLDe00x+gRJNMo
Score

8^/10

defense_evasion discovery persistence privilege_escalation
- Modifies Windows Firewall
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistenceprivilege_escalation

behavioral2

defense_evasiondiscoverypersistenceprivilege_escalation