njrat | dcf98ceb9b78fe707639266af4feae4649e60c6224a41d0dc2da2f5637bb41d0 | Triage

Sharing

General

Target

dcf98ceb9b78fe707639266af4feae4649e60c6224a41d0dc2da2f5637bb41d0N
Size

32KB
Sample

241001-rdnqhsxcpd
MD5

b2a6d2244763148bc1e717845cc1c740
SHA1

fd3285b4493ee3e7f68a0c53459e31774b1cc8f9
SHA256

dcf98ceb9b78fe707639266af4feae4649e60c6224a41d0dc2da2f5637bb41d0
SHA512

742c7048a57b522b1b942bb45177b496cd5330ea108da94af4f23cdeb584af57024cde717eb40e85f9c567ed7166229bb0423a1381ac99d5bf5110d45c57a9a6
SSDEEP

384:00bUe5XB4e0XuOJ6ggUBZIGcWTYtTUFQqzF/Obb0:RT9ButgggUBZIzFb0

Score

10^/10

njrat nyan cat discovery

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

maravillas2022.duckdns.org:9510

Mutex

95e474bc16ec42bc

Attributes

reg_key
95e474bc16ec42bc
splitter
@!#&^%$

Targets

- Target
  
  dcf98ceb9b78fe707639266af4feae4649e60c6224a41d0dc2da2f5637bb41d0N
- Size
  
  32KB
- MD5
  
  b2a6d2244763148bc1e717845cc1c740
- SHA1
  
  fd3285b4493ee3e7f68a0c53459e31774b1cc8f9
- SHA256
  
  dcf98ceb9b78fe707639266af4feae4649e60c6224a41d0dc2da2f5637bb41d0
- SHA512
  
  742c7048a57b522b1b942bb45177b496cd5330ea108da94af4f23cdeb584af57024cde717eb40e85f9c567ed7166229bb0423a1381ac99d5bf5110d45c57a9a6
- SSDEEP
  
  384:00bUe5XB4e0XuOJ6ggUBZIGcWTYtTUFQqzF/Obb0:RT9ButgggUBZIzFb0
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2