njrat | 0a70a884c4386a12cd5dcb5b8a6db76f4deff1a39ccaa178f71cfa600619db88 | Triage

Sharing

General

Target

0A70A884C4386A12CD5DCB5B8A6DB76F4DEFF1A39CCAA.exe
Size

718KB
Sample

220129-segh9scddl
MD5

e418beb7300b3d82e35d020fca955340
SHA1

42dfb1ed5e837dab445fa9cdb24caa641a17b94c
SHA256

0a70a884c4386a12cd5dcb5b8a6db76f4deff1a39ccaa178f71cfa600619db88
SHA512

b83e638525845c6f55c0e82a0f245fa8ee4ac8dff2d871696f7762686d9458dabc2c9b33b5be1b557765181c6385010c67c1f6dfc9d0f0c872e78eb04db1f2fb

Score

10^/10

njrat nyan cat trojan

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

milla.publicvm.com:5050

Mutex

dc7afde8db824

Attributes

reg_key
dc7afde8db824
splitter
@!#&^%$

Targets

- Target
  
  0A70A884C4386A12CD5DCB5B8A6DB76F4DEFF1A39CCAA.exe
- Size
  
  718KB
- MD5
  
  e418beb7300b3d82e35d020fca955340
- SHA1
  
  42dfb1ed5e837dab445fa9cdb24caa641a17b94c
- SHA256
  
  0a70a884c4386a12cd5dcb5b8a6db76f4deff1a39ccaa178f71cfa600619db88
- SHA512
  
  b83e638525845c6f55c0e82a0f245fa8ee4ac8dff2d871696f7762686d9458dabc2c9b33b5be1b557765181c6385010c67c1f6dfc9d0f0c872e78eb04db1f2fb
Score

10^/10

njrat nyan cat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

njratnyan cattrojan