njrat | 706caaf63f112746361074f8913c44bfa661733e1e82a473d3db00cd525558cf | Triage

Sharing

General

Target

706caaf63f112746361074f8913c44bfa661733e1e82a473d3db00cd525558cf
Size

43KB
Sample

250404-r1q46a1my3
MD5

cb7de4f8fd4907268066edce2a30f820
SHA1

1e2dca96ac97c500d28dc976a97ab98a0f1e1848
SHA256

706caaf63f112746361074f8913c44bfa661733e1e82a473d3db00cd525558cf
SHA512

423111409afb84a56d5728cfa457396272dd338149c31d0bf785d0ad318fcd0d4c79cf7155a259e90b15b7d5b05963975e13351400131659c2bf1c161f654525
SSDEEP

384:XZy+Hl9n1iDcsyEqt3ptvwcsECGgOE3zcQij2Z2NO3PlpJKkkjh/TzF7pWnPmgX7:p99nU4pEqt5tvt7gfu9Q/oi7+L

Score

10^/10

njrat hacked discovery trojan

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

127.0.0.1:6754

Mutex

Windows Update

Attributes

reg_key
Windows Update
splitter
|Hassan|

Targets

- Target
  
  706caaf63f112746361074f8913c44bfa661733e1e82a473d3db00cd525558cf
- Size
  
  43KB
- MD5
  
  cb7de4f8fd4907268066edce2a30f820
- SHA1
  
  1e2dca96ac97c500d28dc976a97ab98a0f1e1848
- SHA256
  
  706caaf63f112746361074f8913c44bfa661733e1e82a473d3db00cd525558cf
- SHA512
  
  423111409afb84a56d5728cfa457396272dd338149c31d0bf785d0ad318fcd0d4c79cf7155a259e90b15b7d5b05963975e13351400131659c2bf1c161f654525
- SSDEEP
  
  384:XZy+Hl9n1iDcsyEqt3ptvwcsECGgOE3zcQij2Z2NO3PlpJKkkjh/TzF7pWnPmgX7:p99nU4pEqt5tvt7gfu9Q/oi7+L
Score

10^/10

njrat hacked discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njrathackeddiscoverytrojan