General

  • Target

    CDBF573605A469D266916663C1B6826A.exe

  • Size

    1020KB

  • Sample

    220714-mm8ptsffbm

  • MD5

    cdbf573605a469d266916663c1b6826a

  • SHA1

    937e3093e237931b34fc7bc69a764c8b6400c9da

  • SHA256

    416ea3c311ed12032c6d5fa34a8db107fccd579cfb3e3a2ffc5038deb98c8b87

  • SHA512

    e50c4ed69ef13239b0066f83307e6ce588b7ad046da40970f429b6390db697d7f6d985939dbce9dd1ca4bbb4b74a7119fb21c5b29f0247346f3ab804c3556182

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

milla.publicvm.com:5050

Mutex

dfb8baf1492a47f

Attributes
  • reg_key

    dfb8baf1492a47f

  • splitter

    @!#&^%$

Targets

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
