njrat | 679b6a7d4464b113500d1492a3721f7e36583e171981e0cdb3c58932040e74e3 | Triage

Sharing

General

Target

679b6a7d4464b113500d1492a3721f7e36583e171981e0cdb3c58932040e74e3
Size

316KB
Sample

210914-hcydwsabcj
MD5

af34e9e13f317ec8af540c876afe8885
SHA1

70f8e2f6faf55c20f6276ec86075036c18365eee
SHA256

679b6a7d4464b113500d1492a3721f7e36583e171981e0cdb3c58932040e74e3
SHA512

a38f431ae969b4801b754406d7d341091b76d4df8c46789182b22f71bf9497beb094c9c500b8ee61217cbf29cf67db0b5719ce43c08fca8701fa526201307af6

Score

10^/10

njrat nyan cat trojan

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

192.168.0.108:5000

Mutex

c6af998e91fd48a6a

Attributes

reg_key
c6af998e91fd48a6a
splitter
@!#&^%$

Targets

- Target
  
  679b6a7d4464b113500d1492a3721f7e36583e171981e0cdb3c58932040e74e3
- Size
  
  316KB
- MD5
  
  af34e9e13f317ec8af540c876afe8885
- SHA1
  
  70f8e2f6faf55c20f6276ec86075036c18365eee
- SHA256
  
  679b6a7d4464b113500d1492a3721f7e36583e171981e0cdb3c58932040e74e3
- SHA512
  
  a38f431ae969b4801b754406d7d341091b76d4df8c46789182b22f71bf9497beb094c9c500b8ee61217cbf29cf67db0b5719ce43c08fca8701fa526201307af6
Score

10^/10

njrat nyan cat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

njratnyan cattrojan

behavioral2

njratnyan cattrojan