Overview

overview

10

Static

static

10

50210454605.exe

windows7_x64

10

50210454605.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    50210454605.exe

  • Size

    32KB

  • Sample

    220125-sfmrnshdfn

  • MD5

    ad6122559d2b098ddbac3bf8309d4fc4

  • SHA1

    53824c82f78d4172602ce9ad69e3746cadf46fad

  • SHA256

    a4e3944fa206e146cb252849742e921b433b8076723844dd73d2d3afed17ccb3

  • SHA512

    aca791b3089a70e50a8fe19a864b168a0b6ef93c2ca52be7bb745db241f01d904d4f2adf80d45c87a3f56b7d895b596d0e9a182df82eb42c7069c195d7454dd9

Score
10/10
njratnyan catsuricata

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

dormen.duckdns.org:9000

Mutex

9c14520e23a24a1

Attributes
  • reg_key

    9c14520e23a24a1

  • splitter

    @!#&^%$

Targets

    • Target

      50210454605.exe

    • Size

      32KB

    • MD5

      ad6122559d2b098ddbac3bf8309d4fc4

    • SHA1

      53824c82f78d4172602ce9ad69e3746cadf46fad

    • SHA256

      a4e3944fa206e146cb252849742e921b433b8076723844dd73d2d3afed17ccb3

    • SHA512

      aca791b3089a70e50a8fe19a864b168a0b6ef93c2ca52be7bb745db241f01d904d4f2adf80d45c87a3f56b7d895b596d0e9a182df82eb42c7069c195d7454dd9

    Score
    10/10
    suricata

    • suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

      suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

      suricata

    • Deletes itself

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks