njRAT is one of the oldest and popular remote access trojan (RAT) in the malware world. njRAT is also known as Bladabindi RAT Njw0rm RAT. The reason of its popularity is the fact its source code is available and YouTube has tons of tutorials on it. njRAT has capabilities to log keystrokes, access the victim's camera, steal credentials stored in browsers, open a reverse shell, upload/download files, view the victim's desktop, perform process, file, and registry manipulations, and capabilities to let the attacker update, uninstall, restart, close, disconnect the RAT and rename its campaign ID. Through the Command & Control (CnC) server software, the attacker has capabilities to create and configure the malware to spread through USB drives. The new version of njRAT has added some more popular features, such as ransomware, DDOS, BTC wallet collection and antivirus bypass techniques. The creator of njRAT was an underground hacker community named Sparclyheason.
njRAT (Bladabindi) Signatures
njRAT (Bladabindi) Download
njRAT Source Code Download
Password of the source code archive is infected-RAT