General

  • Target

    DETALLES FACTUTACION VENCIDA.PDF.vbs

  • Size

    208KB

  • Sample

    220701-za1vnsahbj

  • MD5

    c2a54f061aba21192c2366e5aff19ef3

  • SHA1

    0e35261883e5bbe9df33797d230f7180309b083e

  • SHA256

    80d4b70c3b8c11f6c761e105ce14f61e191a89cc8bd81ee86fb741f48bfdb7ff

  • SHA512

    59ebcecb57800046d977e2fdd733d29e41d3ca14feab25b730ceeee8e6f4fa5e40e72eff2c3a629c8d9af298dbad1e18c1a34d87cef76e908f754f3221b558db

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Deobfuscated

  • URLs (ps1.dropper)

    http://193.106.191.105/dll/dll%E2%93%94%E2%93%94%E2%93%94.txt

Extracted

  • Family

    njrat

  • Version

    0.7NC

  • Botnet

    NYAN CAT

  • C2

    quilleras.duckdns.org:2054

  • Mutex

    304ca59d53bc4d4

  • Attributes

    • reg_key

      304ca59d53bc4d4

    • splitter

      @!#&^%$

Targets

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

  • Discovery

    • Query Registry (1): T1012

    • System Information Discovery (2): T1082
