njrat | b35d1246aae057aceb6fa73dffaa59f7624ae670e4e6bb5dae934a2e69d67dbb | Triage

Sharing

General

Target

c6f41fa82336ac2a3a904bbfd9138254.exe
Size

37KB
Sample

250122-n6v4hswmcr
MD5

c6f41fa82336ac2a3a904bbfd9138254
SHA1

108fb702d48f775011f790b3e807545363383148
SHA256

b35d1246aae057aceb6fa73dffaa59f7624ae670e4e6bb5dae934a2e69d67dbb
SHA512

2dd5f6510e1e633555802be2f3b4028de4d305b093a23f6fa8378e2ccce8bb0c7d84947695479ba63cb3ec59afd39a56553726ff24973a444126e14e9774e6c4
SSDEEP

384:l6/gUiDrblmJEpRGyEfdDPTuWCYqAlLrAF+rMRTyN/0L+EcoinblneHQM3epzXfu:U/yHpR9EfdDCWClAprM+rMRa8Nuzwt

Score

10^/10

njrat hacked defense_evasion discovery persistence privilege_escalation

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

other-perry.gl.at.ply.gg:15719

Mutex

12fb50df21b164c11345b7070b8e3097

Attributes

reg_key
12fb50df21b164c11345b7070b8e3097
splitter
|'|'|

Targets

- Target
  
  c6f41fa82336ac2a3a904bbfd9138254.exe
- Size
  
  37KB
- MD5
  
  c6f41fa82336ac2a3a904bbfd9138254
- SHA1
  
  108fb702d48f775011f790b3e807545363383148
- SHA256
  
  b35d1246aae057aceb6fa73dffaa59f7624ae670e4e6bb5dae934a2e69d67dbb
- SHA512
  
  2dd5f6510e1e633555802be2f3b4028de4d305b093a23f6fa8378e2ccce8bb0c7d84947695479ba63cb3ec59afd39a56553726ff24973a444126e14e9774e6c4
- SSDEEP
  
  384:l6/gUiDrblmJEpRGyEfdDPTuWCYqAlLrAF+rMRTyN/0L+EcoinblneHQM3epzXfu:U/yHpR9EfdDCWClAprM+rMRa8Nuzwt
Score

8^/10

defense_evasion discovery persistence privilege_escalation
- Modifies Windows Firewall
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistenceprivilege_escalation

behavioral2

defense_evasiondiscoverypersistenceprivilege_escalation