General

  • Target

    b0e3d3bde6aff8c1c117d382d844e0da

  • Size

    42KB

  • Sample

    240304-bwvzjseb71

  • MD5

    b0e3d3bde6aff8c1c117d382d844e0da

  • SHA1

    e24241bc081549de213da58eb9ff57da4c17dfe3

  • SHA256

    fcea89d299a8a4b18184a34fe97acd922e7b28c1138c0142b01b16052dd19a17

  • SHA512

    ebce89cd01f91ea38b7a648bb7e75b78fea4e50d09c9c21bc4c0ff8193896f74046fb7ebe5ff33dfe7bf7ee7d4833052e5bc91bd5b031730426545e024aca179

  • SSDEEP

    384:9X9d2LzuIJ3VO5sacPGWXggaN9PW6EDl6gmH1Et/yvp5M/ZW1etLumlCObF8hyr4:IHuItAaacP0N+l6gJV6pC/ZrTbahyK3

Score
10/10

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

testing35123.duckdns.org:1604

Mutex

830de61871284cdea

Attributes
  • reg_key

    830de61871284cdea

  • splitter

    @!#&^%$

Targets

    Score
    10/10
    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Blocklisted process makes network request
