Overview

overview

10

Static

static

10

Nursultan.exe

windows10-ltsc 2021-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Nursultan.exe

  • Size

    17.5MB

  • Sample

    250128-n81rsaxqgz

  • MD5

    186878f03c828104ae806baba96aeb97

  • SHA1

    1913e0299b2fc42f275b13cac435b78e3b6f37df

  • SHA256

    55268aba21741e673432fd0008b19725a32191a14212cff94440a2df4e0f92fe

  • SHA512

    b9e4c4109ea9386d394d72e6dfcf3d4a020ba2591844dfe114482e50d72613e6c7b32ec2c40606bc63c9185d8728c115587897ddb3379bc09cdf4b5ec8737ad8

  • SSDEEP

    393216:aquA/JFQOEKdqGdVgT7uOPXtWV0HVvvoP7cI/NG1CMkCCk3BrS:apMKOEKd9dK7uOPXtW8otAwMkCCuB2

Score
10/10
njratagilenetdiscoverytrojan

Malware Config

Targets

    • Target

      Nursultan.exe

    • Size

      17.5MB

    • MD5

      186878f03c828104ae806baba96aeb97

    • SHA1

      1913e0299b2fc42f275b13cac435b78e3b6f37df

    • SHA256

      55268aba21741e673432fd0008b19725a32191a14212cff94440a2df4e0f92fe

    • SHA512

      b9e4c4109ea9386d394d72e6dfcf3d4a020ba2591844dfe114482e50d72613e6c7b32ec2c40606bc63c9185d8728c115587897ddb3379bc09cdf4b5ec8737ad8

    • SSDEEP

      393216:aquA/JFQOEKdqGdVgT7uOPXtWV0HVvvoP7cI/NG1CMkCCk3BrS:apMKOEKd9dK7uOPXtW8otAwMkCCuB2

    Score
    10/10
    njratagilenetdiscoverytrojan

    • Njrat family

      njrat

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

      agilenet
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks