njrat | 2884dcb85bdae9d17e887195618580f9c993bc3cabee354d61f8cb0ed1971f3a | Triage

Sharing

General

Target

75428f615d6c9e05a44f7d8d1c653f40_NeikiAnalytics.exe
Size

428KB
Sample

240531-d2a8fade8x
MD5

75428f615d6c9e05a44f7d8d1c653f40
SHA1

4e07e2ab44c29ec0d0e2968ea2153c472f7a6ac7
SHA256

2884dcb85bdae9d17e887195618580f9c993bc3cabee354d61f8cb0ed1971f3a
SHA512

5caeba7cb56dde868b7520f5244ddad93e6af998ed0854cffebf9ea6f9a56b0de36cab00f26b6fb21309889e7e06964679614e4cb3af3e3294028e2a84304b04
SSDEEP

12288:wbWthB6WCXrfcZJidAB/KLvVIaDdGkDDxDDDQDDiDDQ+iDDDwPD7uDiOeC9:5hBFCXjHmkSkDDxDDDQDDiDDQ+2DDwPW

Score

10^/10

njrat nyan cat trojan

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

ronymahmoud.casacam.net:5050

Mutex

bf24d0816e8b

Attributes

reg_key
bf24d0816e8b
splitter
@!#&^%$

Targets

- Target
  
  75428f615d6c9e05a44f7d8d1c653f40_NeikiAnalytics.exe
- Size
  
  428KB
- MD5
  
  75428f615d6c9e05a44f7d8d1c653f40
- SHA1
  
  4e07e2ab44c29ec0d0e2968ea2153c472f7a6ac7
- SHA256
  
  2884dcb85bdae9d17e887195618580f9c993bc3cabee354d61f8cb0ed1971f3a
- SHA512
  
  5caeba7cb56dde868b7520f5244ddad93e6af998ed0854cffebf9ea6f9a56b0de36cab00f26b6fb21309889e7e06964679614e4cb3af3e3294028e2a84304b04
- SSDEEP
  
  12288:wbWthB6WCXrfcZJidAB/KLvVIaDdGkDDxDDDQDDiDDQ+iDDDwPD7uDiOeC9:5hBFCXjHmkSkDDxDDDQDDiDDQ+2DDwPW
Score

10^/10

njrat nyan cat trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

njratnyan cattrojan

behavioral2

njratnyan cattrojan