njrat | 833b5f57d6e88181c7616d4e3a67bd66170e963e24f2b414e15b4a2abd4f88cc | Triage

Sharing

General

Target

833b5f57d6e88181c7616d4e3a67bd66170e963e24f2b414e15b4a2abd4f88ccN.exe
Size

54KB
Sample

250204-1e24zavnap
MD5

c53c1064f710cab35835c495b4a51c10
SHA1

a9bf218d9a6e6899ea64ed8929930cbcd90d1759
SHA256

833b5f57d6e88181c7616d4e3a67bd66170e963e24f2b414e15b4a2abd4f88cc
SHA512

68a7434ad8fd1fdebeb760896618a2e90bef98a5df1a7e77d843381a72ca72e71fc36e741e4e15d4c52bbdbf5e06aff28d1cc3b4d3c59e0ffe4f3cf1d50c5b9e
SSDEEP

1536:yGCoDns0NiiSx1YDOwsNMDgXExI3pm5m:QoDnwXTYDOwsNMDgXExI3pm

Score

10^/10

njrat victim discovery trojan

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Victim

C2

192.168.20.115:6522

Mutex

374a80f0820c4f48304ae45ba65b30fa

Attributes

reg_key
374a80f0820c4f48304ae45ba65b30fa
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  833b5f57d6e88181c7616d4e3a67bd66170e963e24f2b414e15b4a2abd4f88ccN.exe
- Size
  
  54KB
- MD5
  
  c53c1064f710cab35835c495b4a51c10
- SHA1
  
  a9bf218d9a6e6899ea64ed8929930cbcd90d1759
- SHA256
  
  833b5f57d6e88181c7616d4e3a67bd66170e963e24f2b414e15b4a2abd4f88cc
- SHA512
  
  68a7434ad8fd1fdebeb760896618a2e90bef98a5df1a7e77d843381a72ca72e71fc36e741e4e15d4c52bbdbf5e06aff28d1cc3b4d3c59e0ffe4f3cf1d50c5b9e
- SSDEEP
  
  1536:yGCoDns0NiiSx1YDOwsNMDgXExI3pm5m:QoDnwXTYDOwsNMDgXExI3pm
Score

10^/10

njrat discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdiscoverytrojan

behavioral2

njratdiscoverytrojan