Overview

overview

10

Static

static

10

14531.exe

windows7-x64

8

14531.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    14531.exe

  • Size

    93KB

  • Sample

    250326-xg6cmasqv5

  • MD5

    db2cc38ba3d26a1f3ee204f8c9377ee9

  • SHA1

    dbe5a78eb04aac28835b6fd8c38f0b689aa74f0f

  • SHA256

    e39068d07e22d5f8ca2862fd78fad56032b4317f6930833a7bc209ebcb0bf00a

  • SHA512

    c2568acb72ff8e350bad98c0171518ee2f7b0a27aafb2ccfaa6940b08d2684ef826f9592e7ad25a4366166924526e27feeae34c543d85867dbd3e750ee691598

  • SSDEEP

    768:PY3RUAy0lM7utchQmnroAgFDSXaaJ/oXbyXxrjEtCdnl2pi1Rz4Rk3UsGdpPgS7:8Ud0i1nroxFMpowjEwzGi1dDMDPgS

Score
10/10
njratruntim14531oker.exedefense_evasiondiscoverypersistenceprivilege_escalation

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

Runtim14531oker.exe

C2

hakim32.ddns.net:2000

morning-ultimately.gl.at.ply.gg:14531
Mutex

b01bafee67b4e3a4b4846a4df843c25b

Attributes
  • reg_key

    b01bafee67b4e3a4b4846a4df843c25b

  • splitter

    |'|'|

Targets

    • Target

      14531.exe

    • Size

      93KB

    • MD5

      db2cc38ba3d26a1f3ee204f8c9377ee9

    • SHA1

      dbe5a78eb04aac28835b6fd8c38f0b689aa74f0f

    • SHA256

      e39068d07e22d5f8ca2862fd78fad56032b4317f6930833a7bc209ebcb0bf00a

    • SHA512

      c2568acb72ff8e350bad98c0171518ee2f7b0a27aafb2ccfaa6940b08d2684ef826f9592e7ad25a4366166924526e27feeae34c543d85867dbd3e750ee691598

    • SSDEEP

      768:PY3RUAy0lM7utchQmnroAgFDSXaaJ/oXbyXxrjEtCdnl2pi1Rz4Rk3UsGdpPgS7:8Ud0i1nroxFMpowjEwzGi1dDMDPgS

    Score
    8/10
    defense_evasiondiscoverypersistenceprivilege_escalation
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.