Overview

overview

10

Static

static

a65eec0b9d...91.exe

windows7_x64

10

a65eec0b9d...91.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a65eec0b9da0cc90e1254ba7594a6291.exe

  • Size

    1012KB

  • Sample

    211204-a48pyacee3

  • MD5

    a65eec0b9da0cc90e1254ba7594a6291

  • SHA1

    0692268e96272c0b0e25eb6e337fc086c7f4bda2

  • SHA256

    bf05a3947e7a4140b43547581564d04991f0c339a7ac35bcb2c7bb93f7b7ae1e

  • SHA512

    48464c59a7eadffbedec8a95a1fc4a0f42d3f10928e8394abefa629bd70d0a41816f3850c8e14f9c3c870f0cc56dee1c319b0290f5a78c5e4791960946c939bd

Score
10/10
njratnyan cattrojan

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

milla.publicvm.com:5050

Mutex

c0dd26caedd

Attributes
  • reg_key

    c0dd26caedd

  • splitter

    @!#&^%$

Targets

    • Target

      a65eec0b9da0cc90e1254ba7594a6291.exe

    • Size

      1012KB

    • MD5

      a65eec0b9da0cc90e1254ba7594a6291

    • SHA1

      0692268e96272c0b0e25eb6e337fc086c7f4bda2

    • SHA256

      bf05a3947e7a4140b43547581564d04991f0c339a7ac35bcb2c7bb93f7b7ae1e

    • SHA512

      48464c59a7eadffbedec8a95a1fc4a0f42d3f10928e8394abefa629bd70d0a41816f3850c8e14f9c3c870f0cc56dee1c319b0290f5a78c5e4791960946c939bd

    Score
    10/10
    njratnyan cattrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks