njrat | 887420d1dcca02056fb9b2aaffacaf87ac76d438fb4e4b9f244cde119db7ebc6 | Triage

Sharing

General

Target

Cancele inmediatamente para suspender las acciones Judiciales en su contra En caso contrario continuaremos con el proceso como lo establece El art 681 del código 2020.PDF.vbs
Size

151KB
Sample

211221-p7lrxaecgk
MD5

5d536406d735e27d910faf1813d79e0b
SHA1

32f7716ddb61131917a90b83eb7fd74ce5eef16a
SHA256

887420d1dcca02056fb9b2aaffacaf87ac76d438fb4e4b9f244cde119db7ebc6
SHA512

1b797c0ada2656242d4017ecc33ce4045eece9a982cd4645e9e369e7d62ceed91e4f00ac14203077c349d8f815ed255d7fbe12742575e94f205bc319a9b365df

Score

10^/10

njrat nyan cat suricata trojan

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

ps1.dropper

http://91.241.19.49/ramdes/DownloaderF3.txt

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

njss.duckdns.org:57831

Mutex

d51414327d6e

Attributes

reg_key
d51414327d6e
splitter
@!#&^%$

Targets

- Target
  
  Cancele inmediatamente para suspender las acciones Judiciales en su contra En caso contrario continuaremos con el proceso como lo establece El art 681 del código 2020.PDF.vbs
- Size
  
  151KB
- MD5
  
  5d536406d735e27d910faf1813d79e0b
- SHA1
  
  32f7716ddb61131917a90b83eb7fd74ce5eef16a
- SHA256
  
  887420d1dcca02056fb9b2aaffacaf87ac76d438fb4e4b9f244cde119db7ebc6
- SHA512
  
  1b797c0ada2656242d4017ecc33ce4045eece9a982cd4645e9e369e7d62ceed91e4f00ac14203077c349d8f815ed255d7fbe12742575e94f205bc319a9b365df
Score

10^/10

njrat nyan cat suricata trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
  suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
  suricata
- Blocklisted process makes network request
- Drops startup file
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratnyan catsuricatatrojan