njrat | aa5a92288d88da7e10582d2bda74f117b78ac40549cdd88db1899faf428c1725 | Triage

Submit
Reports

Overview

overview

Static

static

4b538e0fed...0d.exe

windows7-x64

4b538e0fed...0d.exe

windows10-2004-x64

Sharing

General

Target

4b538e0fed0fe08ae1c8e69dc117fa0d.bin
Size

55KB
Sample

240701-b851aasemg
MD5

4b538e0fed0fe08ae1c8e69dc117fa0d
SHA1

31515400be72476bb0645cb381c6d94648a28454
SHA256

aa5a92288d88da7e10582d2bda74f117b78ac40549cdd88db1899faf428c1725
SHA512

0eee989428246417bd789a1c2b01226edf805ee9a9cec10a6ee0055f1be7c90aba7ef34fad7d6bdbc430ea18b4dfa184d384a3ce3c5de0a2f990ac7e2f67cb8f
SSDEEP

1536:R+8N4DnzON2zUz/UVcD2wsNMDBXExI3pmJm:R4Dnz3oz8VcD2wsNMDBXExI3pm

Score

10^/10

njrat ha4ked by @forlove trojan

Static task

static1

ha4ked by @forlove njrat

2 signatures

Behavioral task

behavioral1

Sample

4b538e0fed0fe08ae1c8e69dc117fa0d.exe

Resource

win7-20231129-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

4b538e0fed0fe08ae1c8e69dc117fa0d.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

njrat

Version

<- NjRAT 0.7d Horror Edition ->

Botnet

Ha4keD By @forlove

C2

away-displays.gl.at.ply.gg:1144

Mutex

168773d1c6918676175c156889709475

Attributes

reg_key
168773d1c6918676175c156889709475
splitter
Y262SUCZ4UJJ

Targets

- Target
  
  4b538e0fed0fe08ae1c8e69dc117fa0d.bin
- Size
  
  55KB
- MD5
  
  4b538e0fed0fe08ae1c8e69dc117fa0d
- SHA1
  
  31515400be72476bb0645cb381c6d94648a28454
- SHA256
  
  aa5a92288d88da7e10582d2bda74f117b78ac40549cdd88db1899faf428c1725
- SHA512
  
  0eee989428246417bd789a1c2b01226edf805ee9a9cec10a6ee0055f1be7c90aba7ef34fad7d6bdbc430ea18b4dfa184d384a3ce3c5de0a2f990ac7e2f67cb8f
- SSDEEP
  
  1536:R+8N4DnzON2zUz/UVcD2wsNMDBXExI3pmJm:R4Dnz3oz8VcD2wsNMDBXExI3pm
Score

10^/10

njrat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

ha4ked by @forlovenjrat

behavioral1

behavioral2

© 2018-2024

Terms | Privacy