njrat | 05a2f56026b5a9e1ea1684b9a2a91a1cd814415f463c4b35626784d377891b54 | Triage

Resubmissions

28/03/2025, 16:53

250328-vdxvzaywfv 10

24/03/2025, 18:20

250324-wy8zeaxmx6 10

Sharing

General

Target

Server.exe
Size

93KB
Sample

250328-vdxvzaywfv
MD5

baf41f63bc78adc8c6d2436c8f37639a
SHA1

e4c599d34c45f9afc8a33f7fab431940d8471708
SHA256

05a2f56026b5a9e1ea1684b9a2a91a1cd814415f463c4b35626784d377891b54
SHA512

f7b982de9411419132be9fa6ef0a050b99d56a97f5b23899e783250d847840fa336dea116ae92a547ab894d64997293601bda5c4145a18968cace8fac310d1ba
SSDEEP

1536:OUwC+xhUa9urgOBPRNvM4jEwzGi1dDeDMgS:OUmUa9urgObdGi1dQl

Score

10^/10

njrat hacked defense_evasion discovery persistence privilege_escalation

Malware Config

Extracted

Family

njrat

Version

0.7d

Botnet

HacKed

C2

hakim32.ddns.net:2000

september-idol.gl.at.ply.gg:60127

Mutex

a07ed3473b57c095d69710069d48f926

Attributes

reg_key
a07ed3473b57c095d69710069d48f926
splitter
|'|'|

Targets

- Target
  
  Server.exe
- Size
  
  93KB
- MD5
  
  baf41f63bc78adc8c6d2436c8f37639a
- SHA1
  
  e4c599d34c45f9afc8a33f7fab431940d8471708
- SHA256
  
  05a2f56026b5a9e1ea1684b9a2a91a1cd814415f463c4b35626784d377891b54
- SHA512
  
  f7b982de9411419132be9fa6ef0a050b99d56a97f5b23899e783250d847840fa336dea116ae92a547ab894d64997293601bda5c4145a18968cace8fac310d1ba
- SSDEEP
  
  1536:OUwC+xhUa9urgOBPRNvM4jEwzGi1dDeDMgS:OUmUa9urgObdGi1dQl
Score

8^/10

defense_evasion discovery persistence privilege_escalation
- Modifies Windows Firewall
  defense_evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Create or Modify System Process

Windows Service

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistenceprivilege_escalation

behavioral2

defense_evasiondiscoverypersistenceprivilege_escalation