General

  • Target

    19498b98de56b23359e52d464ad0fdd37cf016afe455332a836c2e0f4ecd4e83

  • Size

    1.3MB

  • Sample

    220608-rr18rsfad6

  • MD5

    68847c08130c46004ff69cc607af2c66

  • SHA1

    c646aa02f95ed675352ec8c0b2134cf2bc2da2ff

  • SHA256

    19498b98de56b23359e52d464ad0fdd37cf016afe455332a836c2e0f4ecd4e83

  • SHA512

    9a610a2cfa68d926814667cd0e3c12b06641c90ce86aa37796186961f29630c8f231ccf98059fc099bc6ad40ca30f75fe5e4f16e42be90e50029e620c1dd9465

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

milla.publicvm.com:5050

Mutex

6cbdfef80999

Attributes
  • reg_key

    6cbdfef80999

  • splitter

    @!#&^%$

Targets

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

