njrat | 18ebf507db240ffa320285711eca82a2c10c24a7730cf1013e7d400054d70766 | Triage

Sharing

General

Target

065401d13594cd0acd4204a7ad005cc3.exe
Size

408KB
Sample

240927-2qctwstdmk
MD5

065401d13594cd0acd4204a7ad005cc3
SHA1

7d76fc8b26d97e6e98a98b2ed6b668851e2ad8e8
SHA256

18ebf507db240ffa320285711eca82a2c10c24a7730cf1013e7d400054d70766
SHA512

90f9389696ab9ca2982a7a91eafbbb9840b784db27f675383678c2a933dbd8de62a99b9635c27bacf1de42e848f8779a7b921a70a218f503c4172bcf5b403797
SSDEEP

6144:GR4BP+1/nx7WEddxmJto7pWTIjYqXVLFhzNj2GhNA2GhNw+1IH6e10Qk6nlIro/L:YL2iNA2iN26fRQEo3

Score

10^/10

njrat nyan cat discovery trojan

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

seznam.hopto.org:5050

Mutex

a321f292c1b24fe7931

Attributes

reg_key
a321f292c1b24fe7931
splitter
@!#&^%$

Targets

- Target
  
  065401d13594cd0acd4204a7ad005cc3.exe
- Size
  
  408KB
- MD5
  
  065401d13594cd0acd4204a7ad005cc3
- SHA1
  
  7d76fc8b26d97e6e98a98b2ed6b668851e2ad8e8
- SHA256
  
  18ebf507db240ffa320285711eca82a2c10c24a7730cf1013e7d400054d70766
- SHA512
  
  90f9389696ab9ca2982a7a91eafbbb9840b784db27f675383678c2a933dbd8de62a99b9635c27bacf1de42e848f8779a7b921a70a218f503c4172bcf5b403797
- SSDEEP
  
  6144:GR4BP+1/nx7WEddxmJto7pWTIjYqXVLFhzNj2GhNA2GhNw+1IH6e10Qk6nlIro/L:YL2iNA2iN26fRQEo3
Score

10^/10

njrat nyan cat discovery trojan
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratnyan catdiscoverytrojan

behavioral2

njratnyan catdiscoverytrojan