njrat | 90808dd3dae17e0f25509aa02389eea1e1503165ef8287d03fd114f9c6ea58d8 | Triage

Sharing

General

Target

90808dd3dae17e0f25509aa02389eea1e1503165ef8287d03fd114f9c6ea58d8.exe
Size

23KB
Sample

250123-m3jewaxmdt
MD5

fcaba6d0d127f3344d212e8892b312be
SHA1

8231be53aad718e75a83d855d981b350a5a51d3e
SHA256

90808dd3dae17e0f25509aa02389eea1e1503165ef8287d03fd114f9c6ea58d8
SHA512

61cba46aa2cadcc25512c1ea4f85a993aaabcd4659996ad4be15a6761698a0656b282c1d544ea2b3c1a141f81ab088cca28f2bc87a830390ae1180ef219555e9
SSDEEP

384:NqMKyOkBkRbohza8yuTUt7u06zgV4a5pzomRvR6JZlbw8hqIusZzZ7uf:n/YI1T0RpcnuFf

Score

10^/10

njrat hacked defense_evasion discovery persistence privilege_escalation trojan

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

192.168.1.102:963

Mutex

7dc3d936b225d2346adcbb7553bba490

Attributes

reg_key
7dc3d936b225d2346adcbb7553bba490
splitter
|'|'|

Targets

- Target
  
  90808dd3dae17e0f25509aa02389eea1e1503165ef8287d03fd114f9c6ea58d8.exe
- Size
  
  23KB
- MD5
  
  fcaba6d0d127f3344d212e8892b312be
- SHA1
  
  8231be53aad718e75a83d855d981b350a5a51d3e
- SHA256
  
  90808dd3dae17e0f25509aa02389eea1e1503165ef8287d03fd114f9c6ea58d8
- SHA512
  
  61cba46aa2cadcc25512c1ea4f85a993aaabcd4659996ad4be15a6761698a0656b282c1d544ea2b3c1a141f81ab088cca28f2bc87a830390ae1180ef219555e9
- SSDEEP
  
  384:NqMKyOkBkRbohza8yuTUt7u06zgV4a5pzomRvR6JZlbw8hqIusZzZ7uf:n/YI1T0RpcnuFf
Score

10^/10

njrat defense_evasion discovery persistence privilege_escalation trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Modifies Windows Firewall
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdefense_evasiondiscoverypersistenceprivilege_escalationtrojan

behavioral2

njratdefense_evasiondiscoverypersistenceprivilege_escalationtrojan