njrat | fb90a356ab154976c2beef2c2b069e6bb1287461c9b645539ff287f22e195233 | Triage

Sharing

General

Target

fb90a356ab154976c2beef2c2b069e6bb1287461c9b645539ff287f22e195233
Size

43KB
Sample

250404-tya19ssqv4
MD5

5206162f68f1223188f2406ac6dabf3f
SHA1

71de9504bea140141d830bf857463ca374a1e76e
SHA256

fb90a356ab154976c2beef2c2b069e6bb1287461c9b645539ff287f22e195233
SHA512

66759a71aa2209df91692418a67ce0ac2eaf4a2aa7aa5f24b9ebfe9bd772377644722f786e2cb44d996ac0e8dbda0abada6219862cbbc6ccd83b39e178a26cc4
SSDEEP

384:nZy+Hl9n1iDcsyEqt3ptKwQsElGhOEazcIij+ZsNO3PlpJKkkjh/TzF7pWnPmgra:Z99nU4pEqt5tKhohuuXQ/oiC+L

Score

10^/10

njrat hacked discovery trojan

Malware Config

Extracted

Family

njrat

Version

Njrat 0.7 Golden By Hassan Amiri

Botnet

HacKed

C2

127.0.0.1:6754

Mutex

Windows Update

Attributes

reg_key
Windows Update
splitter
|Hassan|

Targets

- Target
  
  fb90a356ab154976c2beef2c2b069e6bb1287461c9b645539ff287f22e195233
- Size
  
  43KB
- MD5
  
  5206162f68f1223188f2406ac6dabf3f
- SHA1
  
  71de9504bea140141d830bf857463ca374a1e76e
- SHA256
  
  fb90a356ab154976c2beef2c2b069e6bb1287461c9b645539ff287f22e195233
- SHA512
  
  66759a71aa2209df91692418a67ce0ac2eaf4a2aa7aa5f24b9ebfe9bd772377644722f786e2cb44d996ac0e8dbda0abada6219862cbbc6ccd83b39e178a26cc4
- SSDEEP
  
  384:nZy+Hl9n1iDcsyEqt3ptKwQsElGhOEazcIij+ZsNO3PlpJKkkjh/TzF7pWnPmgra:Z99nU4pEqt5tKhohuuXQ/oiC+L
Score

10^/10

njrat hacked discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njrathackeddiscoverytrojan