General

  • Target

    7af0156a84824969e63357b1a5d6913efa7f0df71a2f585a416d0d200a5c5898.exe

  • Size

    37KB

  • Sample

    250326-n9c24s1nt5

  • MD5

    24ab0ba0700aff18d46f4b4858907567

  • SHA1

    d4a9f83e3729733d6f9f43bf8d0b475eb0fdba2b

  • SHA256

    7af0156a84824969e63357b1a5d6913efa7f0df71a2f585a416d0d200a5c5898

  • SHA512

    b3d404452b01720f4a4756e8e409cdee93e830186e78c4c30c3247caab4150c98987fb507657a6f929fb5d26a02a5092a873cb8883521a5b06da7b362ac4e727

  • SSDEEP

    384:VetvEiTbTvpWNcZ0y8fvCv3v3cLkacpjrAF+rMRTyN/0L+EcoinblneHQM3epzXX:4t7TZ38fvCv3E1c1rM+rMRa8Nu8it

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

C2

2.tcp.eu.ngrok.io:12629

Mutex

2025b9f237c2fb27c13d52e4a198434b

Attributes
  • reg_key

    2025b9f237c2fb27c13d52e4a198434b

  • splitter

    |'|'|

Targets

    • Target

      7af0156a84824969e63357b1a5d6913efa7f0df71a2f585a416d0d200a5c5898.exe

    • Modifies Windows Firewall

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks
