njrat | 7bdd5165674fec22061a6815ba57c595d99021faa609c1f4ed32677f4f1d9cd3 | Triage

Sharing

General

Target

7bdd5165674fec22061a6815ba57c595d99021faa609c1f4ed32677f4f1d9cd3.exe
Size

54KB
Sample

250322-dmt21azr12
MD5

f41b17e9ae4d3329d66d526bacf3c503
SHA1

9169fb9412ffb7def5cc927dfe39eebe9ada0d56
SHA256

7bdd5165674fec22061a6815ba57c595d99021faa609c1f4ed32677f4f1d9cd3
SHA512

90b0557532f64059db93011a19f13e8fa54c17361c59bd303e04f665eb37a8ebc91297770787cc020f9a3a8df249186886d83dcd14c396c2581f6a71c4347c05
SSDEEP

768:rlUUbwoZ2EsltZgh753K7JSNlexWQG35bmaePD5PvGEXXJdxIEpmwg:rlU01GtZgt5EGlMWQcGDjX3xIEpmwg

Score

10^/10

njrat victim discovery trojan

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Victim

C2

size-ingredients.gl.at.ply.gg:8848

Mutex

11390ffcc5e77b5abb8fc1519f8a1de5

Attributes

reg_key
11390ffcc5e77b5abb8fc1519f8a1de5
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  7bdd5165674fec22061a6815ba57c595d99021faa609c1f4ed32677f4f1d9cd3.exe
- Size
  
  54KB
- MD5
  
  f41b17e9ae4d3329d66d526bacf3c503
- SHA1
  
  9169fb9412ffb7def5cc927dfe39eebe9ada0d56
- SHA256
  
  7bdd5165674fec22061a6815ba57c595d99021faa609c1f4ed32677f4f1d9cd3
- SHA512
  
  90b0557532f64059db93011a19f13e8fa54c17361c59bd303e04f665eb37a8ebc91297770787cc020f9a3a8df249186886d83dcd14c396c2581f6a71c4347c05
- SSDEEP
  
  768:rlUUbwoZ2EsltZgh753K7JSNlexWQG35bmaePD5PvGEXXJdxIEpmwg:rlU01GtZgt5EGlMWQcGDjX3xIEpmwg
Score

10^/10

njrat discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratdiscoverytrojan

behavioral2

njratdiscoverytrojan