njrat | c786086d33c576019252c76fd7e560a1777e187a71323d1136e3ec495f466a00 | Triage

Sharing

General

Target

New Client.exe
Size

65KB
Sample

250224-td7jqs1lw6
MD5

b7d6374e32e4e72ad310015cc907276e
SHA1

820ecebf284c1ee050c23daa1b1c46e074dbce2a
SHA256

c786086d33c576019252c76fd7e560a1777e187a71323d1136e3ec495f466a00
SHA512

8f41acb3d0b3d459cbd4795ca932f5932d012b06e2c55748ca6f41ccf983a5a4345235cbec26f5cf2359bbfc3764c1929df9dd88cadd6ff127f1cc1d0ed1fa46
SSDEEP

1536:aJ1KqboN36twQviFw1b3kEBnvAvfLteF3nLrB9z3nyaF9bwS9vM:aLKqboN36twQviFCzpBnsfWl9zCaF9b4

Score

10^/10

njrat hacked discovery

Malware Config

Extracted

Family

njrat

Version

Platinum

Botnet

HacKed

C2

127.0.0.1:7000

Mutex

Client.exe

Attributes

reg_key
Client.exe
splitter
|Ghost|

Targets

- Target
  
  New Client.exe
- Size
  
  65KB
- MD5
  
  b7d6374e32e4e72ad310015cc907276e
- SHA1
  
  820ecebf284c1ee050c23daa1b1c46e074dbce2a
- SHA256
  
  c786086d33c576019252c76fd7e560a1777e187a71323d1136e3ec495f466a00
- SHA512
  
  8f41acb3d0b3d459cbd4795ca932f5932d012b06e2c55748ca6f41ccf983a5a4345235cbec26f5cf2359bbfc3764c1929df9dd88cadd6ff127f1cc1d0ed1fa46
- SSDEEP
  
  1536:aJ1KqboN36twQviFw1b3kEBnvAvfLteF3nLrB9z3nyaF9bwS9vM:aLKqboN36twQviFCzpBnsfWl9zCaF9b4
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1