Overview

overview

10

Static

static

10

bf242bf12c...0d.exe

windows7-x64

8

bf242bf12c...0d.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bf242bf12c80e2d6924e992c6d0fbab719ef9939b93851c715bf1f5c7bfbda0d

  • Size

    37KB

  • Sample

    250121-kskh3swlfr

  • MD5

    ecf1399ed8c14a4a03266bb9a727e931

  • SHA1

    b5c9b189df7645abee2d258f14ce80dd3e01f894

  • SHA256

    bf242bf12c80e2d6924e992c6d0fbab719ef9939b93851c715bf1f5c7bfbda0d

  • SHA512

    ca8080b087f03e38a276f4c821338e9df564dc1185247fd814d79660bd84a377625b2d07bf73f715d65b4b0cff7624857c16fc795a98a40623294d090dbb7343

  • SSDEEP

    768:99xKjjTYic/be0PMurM+rMRa8NuTPQEt:zojjTYLDe00x+gRJNMo

Score
10/10
njrathackeddefense_evasiondiscoverypersistenceprivilege_escalation

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

37.235.55.68:2566

Mutex

b5a23fdb929b89d34552a60c6d38e915

Attributes
  • reg_key

    b5a23fdb929b89d34552a60c6d38e915

  • splitter

    |'|'|

Targets

    • Target

      bf242bf12c80e2d6924e992c6d0fbab719ef9939b93851c715bf1f5c7bfbda0d

    • Size

      37KB

    • MD5

      ecf1399ed8c14a4a03266bb9a727e931

    • SHA1

      b5c9b189df7645abee2d258f14ce80dd3e01f894

    • SHA256

      bf242bf12c80e2d6924e992c6d0fbab719ef9939b93851c715bf1f5c7bfbda0d

    • SHA512

      ca8080b087f03e38a276f4c821338e9df564dc1185247fd814d79660bd84a377625b2d07bf73f715d65b4b0cff7624857c16fc795a98a40623294d090dbb7343

    • SSDEEP

      768:99xKjjTYic/be0PMurM+rMRa8NuTPQEt:zojjTYLDe00x+gRJNMo

    Score
    8/10
    defense_evasiondiscoverypersistenceprivilege_escalation
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks