njrat | cbd527d1dbfef781aaa1d1ef6c8c5a0edd32658a230c58d504d00037cf0fcb78 | Triage

Sharing

General

Target

En la presente fecha el juzgado citante notifica el auto admisorio de la demanda proferido dentro del asunto de la referencia.vbs
Size

827B
Sample

210913-s6rhjshbbj
MD5

d514951376914b9a27c6224acf10795e
SHA1

dcdb8f2c70372d5104ab1ee68e6f23c767a88a1b
SHA256

cbd527d1dbfef781aaa1d1ef6c8c5a0edd32658a230c58d504d00037cf0fcb78
SHA512

f69ba8b7921aadc8032578a5f7e7515bebc0377a513cad099575fbee543df6ede19659853aa728ef514a835a9737b8417af16e80cf914cd7afdbc1302d75d03e

Score

10^/10

njrat nyan cat trojan

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

fuckand.duckdns.org:3018

Mutex

e67a9b3afdbe442c9

Attributes

reg_key
e67a9b3afdbe442c9
splitter
@!#&^%$

Targets

- Target
  
  En la presente fecha el juzgado citante notifica el auto admisorio de la demanda proferido dentro del asunto de la referencia.vbs
- Size
  
  827B
- MD5
  
  d514951376914b9a27c6224acf10795e
- SHA1
  
  dcdb8f2c70372d5104ab1ee68e6f23c767a88a1b
- SHA256
  
  cbd527d1dbfef781aaa1d1ef6c8c5a0edd32658a230c58d504d00037cf0fcb78
- SHA512
  
  f69ba8b7921aadc8032578a5f7e7515bebc0377a513cad099575fbee543df6ede19659853aa728ef514a835a9737b8417af16e80cf914cd7afdbc1302d75d03e
Score

10^/10

njrat nyan cat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Blocklisted process makes network request
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

njratnyan cattrojan