General

  • Target

    A4D00448FA39EC93A43F979B7C2BEFA1719D5816FB524.exe

  • Size

    1.0MB

  • Sample

    220723-h3slbsdahr

  • MD5

    5ec22c4611b9283b50b9e6d47f539e60

  • SHA1

    036e74435207ca2f40049b8a9614b524ec706ebe

  • SHA256

    a4d00448fa39ec93a43f979b7c2befa1719d5816fb52403f5d276c914554d806

  • SHA512

    3395a8dff0ed097dff08304a4d38068e0524826d4d5429c4da41cdf44a89e1dec33707006a281542df436f9ce70bdb9f514393faba5ec59ac1db4af3b8f430c2

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

milla.publicvm.com:5050

Mutex

263f517d4782

Attributes
  • reg_key

    263f517d4782

  • splitter

    @!#&^%$

Targets

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

    • Drops file in System32 directory
