Overview

overview

10

Static

static

10

14531.exe

windows7-x64

8

14531.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    14531.exe

  • Size

    93KB

  • Sample

    250326-xcen4sz1et

  • MD5

    db2cc38ba3d26a1f3ee204f8c9377ee9

  • SHA1

    dbe5a78eb04aac28835b6fd8c38f0b689aa74f0f

  • SHA256

    e39068d07e22d5f8ca2862fd78fad56032b4317f6930833a7bc209ebcb0bf00a

  • SHA512

    c2568acb72ff8e350bad98c0171518ee2f7b0a27aafb2ccfaa6940b08d2684ef826f9592e7ad25a4366166924526e27feeae34c543d85867dbd3e750ee691598

  • SSDEEP

    768:PY3RUAy0lM7utchQmnroAgFDSXaaJ/oXbyXxrjEtCdnl2pi1Rz4Rk3UsGdpPgS7:8Ud0i1nroxFMpowjEwzGi1dDMDPgS

Score
10/10
njratruntim14531oker.exedefense_evasiondiscoverypersistenceprivilege_escalation

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Runtim14531oker.exe

C2

hakim32.ddns.net:2000

morning-ultimately.gl.at.ply.gg:14531
Mutex

b01bafee67b4e3a4b4846a4df843c25b

Attributes
  • reg_key

    b01bafee67b4e3a4b4846a4df843c25b

  • splitter

    |'|'|

Targets

    • Target

      14531.exe

    • Size

      93KB

    • MD5

      db2cc38ba3d26a1f3ee204f8c9377ee9

    • SHA1

      dbe5a78eb04aac28835b6fd8c38f0b689aa74f0f

    • SHA256

      e39068d07e22d5f8ca2862fd78fad56032b4317f6930833a7bc209ebcb0bf00a

    • SHA512

      c2568acb72ff8e350bad98c0171518ee2f7b0a27aafb2ccfaa6940b08d2684ef826f9592e7ad25a4366166924526e27feeae34c543d85867dbd3e750ee691598

    • SSDEEP

      768:PY3RUAy0lM7utchQmnroAgFDSXaaJ/oXbyXxrjEtCdnl2pi1Rz4Rk3UsGdpPgS7:8Ud0i1nroxFMpowjEwzGi1dDMDPgS

    Score
    8/10
    defense_evasiondiscoverypersistenceprivilege_escalation
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks