njrat | 88438e680d7127491c1bed3f762ac9fc7839e08e710cb8f9da9d1cfbaf772f68 | Triage

Sharing

General

Target

Server.exe
Size

93KB
Sample

250130-2fbh3svkas
MD5

cc560bdc2869ccf4ae0e939a1aa7f1b4
SHA1

f16b12272a26df1bb2dffe5ebbd8483b30d59ee5
SHA256

88438e680d7127491c1bed3f762ac9fc7839e08e710cb8f9da9d1cfbaf772f68
SHA512

d57d6e8e1d27d41c01f3a6c6bcdb8f522748527678539f816b94da3b5cba8a75a96b8d1b0677ef77925eb579d2c7d374f50b91df9887f734ff288a303ddbae12
SSDEEP

1536:PUwC+xhUa9urgOBPRNvM4jEwzGi1dDxD8gS:PUmUa9urgObdGi1dNV

Score

10^/10

njrat hacked defense_evasion discovery persistence privilege_escalation

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

hakim32.ddns.net:2000

j4n6foy.localto.net:2596

Mutex

77ce164121a4c7cfe3772de98ef7d22c

Attributes

reg_key
77ce164121a4c7cfe3772de98ef7d22c
splitter
|'|'|

Targets

- Target
  
  Server.exe
- Size
  
  93KB
- MD5
  
  cc560bdc2869ccf4ae0e939a1aa7f1b4
- SHA1
  
  f16b12272a26df1bb2dffe5ebbd8483b30d59ee5
- SHA256
  
  88438e680d7127491c1bed3f762ac9fc7839e08e710cb8f9da9d1cfbaf772f68
- SHA512
  
  d57d6e8e1d27d41c01f3a6c6bcdb8f522748527678539f816b94da3b5cba8a75a96b8d1b0677ef77925eb579d2c7d374f50b91df9887f734ff288a303ddbae12
- SSDEEP
  
  1536:PUwC+xhUa9urgOBPRNvM4jEwzGi1dDxD8gS:PUmUa9urgObdGi1dNV
Score

8^/10

defense_evasion discovery persistence privilege_escalation
- Modifies Windows Firewall
  defense_evasion
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistenceprivilege_escalation