njrat | ec7a3cad963d387d0eb81abd5fe7db17c6aa634ac30ff8485447eec2b5cd3dcb | Triage

Sharing

General

Target

1727246228bf52474d96d0c91d76eecd39cfb06284f20ad0f3e787fb96b50f595788ca18c5809.dat-decoded.exe
Size

32KB
Sample

240925-hd2spstcra
MD5

145ec63fa85b1dd8c0a4c528a3b15cc6
SHA1

8343262ce152b88508474457db596b5035586155
SHA256

ec7a3cad963d387d0eb81abd5fe7db17c6aa634ac30ff8485447eec2b5cd3dcb
SHA512

d5f85626316ba7f812278da24461c9efcfee7fa1ae563b2595eb59c01f17893999eea11171d7818aa64022d7fe2d629e95fccd4a169c9cbab47370c508a40530
SSDEEP

384:u0bUe5XB4e0XOOSSGgFS6Z/73xWTStTUFQqz9UtObbi:/T9BuNSgS6BNJCbi

Score

10^/10

njrat nyan cat discovery

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

notificadoresrma.duckdns.org:2054

Mutex

a388ab2ca3be4

Attributes

reg_key
a388ab2ca3be4
splitter
@!#&^%$

Targets

- Target
  
  1727246228bf52474d96d0c91d76eecd39cfb06284f20ad0f3e787fb96b50f595788ca18c5809.dat-decoded.exe
- Size
  
  32KB
- MD5
  
  145ec63fa85b1dd8c0a4c528a3b15cc6
- SHA1
  
  8343262ce152b88508474457db596b5035586155
- SHA256
  
  ec7a3cad963d387d0eb81abd5fe7db17c6aa634ac30ff8485447eec2b5cd3dcb
- SHA512
  
  d5f85626316ba7f812278da24461c9efcfee7fa1ae563b2595eb59c01f17893999eea11171d7818aa64022d7fe2d629e95fccd4a169c9cbab47370c508a40530
- SSDEEP
  
  384:u0bUe5XB4e0XOOSSGgFS6Z/73xWTStTUFQqz9UtObbi:/T9BuNSgS6BNJCbi
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2