njrat | aae4a82e65e47dc719affd7bebb7cc9ce1095fefeb3039947c1375688f2a4423 | Triage

Sharing

General

Target

aae4a82e65e47dc719affd7bebb7cc9ce1095fefeb3039947c1375688f2a4423
Size

991KB
Sample

210930-lnrl9shba2
MD5

71cf0b826a586a2c77eacfde791ec14e
SHA1

349a63989b801e1b9dee0960040ef7def96e28f6
SHA256

aae4a82e65e47dc719affd7bebb7cc9ce1095fefeb3039947c1375688f2a4423
SHA512

eb7f487097dea3d90740bcb7751ea581a03a76c3e335a931515e3f66f7db94877587872a2bf385ee8d926283feee4ce151cdba22a77abcb3daa2ead0199d7171

Score

10^/10

njrat nyan cat trojan

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

septiembre2.duckdns.org:6633

Mutex

a2951ca84e184

Attributes

reg_key
a2951ca84e184
splitter
@!#&^%$

Targets

- Target
  
  aae4a82e65e47dc719affd7bebb7cc9ce1095fefeb3039947c1375688f2a4423
- Size
  
  991KB
- MD5
  
  71cf0b826a586a2c77eacfde791ec14e
- SHA1
  
  349a63989b801e1b9dee0960040ef7def96e28f6
- SHA256
  
  aae4a82e65e47dc719affd7bebb7cc9ce1095fefeb3039947c1375688f2a4423
- SHA512
  
  eb7f487097dea3d90740bcb7751ea581a03a76c3e335a931515e3f66f7db94877587872a2bf385ee8d926283feee4ce151cdba22a77abcb3daa2ead0199d7171
Score

10^/10

njrat nyan cat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

njratnyan cattrojan

behavioral2

njratnyan cattrojan