General

  • Target

    857aff9992a47764185c61da2493c753.exe

  • Size

    407KB

  • Sample

    210915-tgtr2sahg8

  • MD5

    857aff9992a47764185c61da2493c753

  • SHA1

    6efa34cd3fdb299fcd940c0719d3a172bac83164

  • SHA256

    b73dc9d5947dd389cbae282955568d35ae3a38acd24983b116cdd8eb7ef67155

  • SHA512

    fbb2a5bfb068d4f56e338dc67f4d1a171af3156de2b3d956a0a1bd9526706f370cdff16cfb136049468b3a71db4c7ce99349265d3841db7775d5389b7aab798a

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

pedrobedoya2021.duckdns.org:1980

Mutex

cf13c225ff474d45b

Attributes
  • reg_key

    cf13c225ff474d45b

  • splitter

    @!#&^%$

Targets

    • Target

      857aff9992a47764185c61da2493c753.exe

    • Size

      407KB

    • MD5

      857aff9992a47764185c61da2493c753

    • SHA1

      6efa34cd3fdb299fcd940c0719d3a172bac83164

    • SHA256

      b73dc9d5947dd389cbae282955568d35ae3a38acd24983b116cdd8eb7ef67155

    • SHA512

      fbb2a5bfb068d4f56e338dc67f4d1a171af3156de2b3d956a0a1bd9526706f370cdff16cfb136049468b3a71db4c7ce99349265d3841db7775d5389b7aab798a

    Score
    10/10
    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Discovery

System Information Discovery

1
T1082

Tasks