General

  • Target

    D3554AFBCFFDC707DC35F7E430CBCEEC944CB23AFF104.exe

  • Size

    10.7MB

  • Sample

    220731-wzbejacbfj

  • MD5

    c4664882c6f830269552ce834dcbb027

  • SHA1

    f88593230009338a56a4a9c4bc5cc17362bb0780

  • SHA256

    d3554afbcffdc707dc35f7e430cbceec944cb23aff1046bd906fda3bd9790352

  • SHA512

    c174c59f851fa7a3637766dbb1dff5e766e01c2b0cfe51cea5fd9f50a7583fc2374e3a6cf3ea9f688cb0a5fb11789082627bb96ad10406a6ba3bd87ff2d9077d

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

milla.publicvm.com:5050

Mutex

a64318c1c1e44a49

Attributes
  • reg_key

    a64318c1c1e44a49

  • splitter

    @!#&^%$

Targets

    Score
    10/10
    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Legitimate hosting services abused for malware hosting/C2
