njrat | ea51449ecfbdea8639b28d8d1e4f0403f5e1f3b3e455d3d8c4beba7532a340d3 | Triage

Sharing

General

Target

ea51449ecfbdea8639b28d8d1e4f0403f5e1f3b3e455d3d8c4beba7532a340d3.exe
Size

32KB
Sample

241006-nnmz7awdpg
MD5

918c8dcbb3243a2f87b72605715c8cf6
SHA1

abfd379e56d21b16e630db9d9d81fe6e3326adc0
SHA256

ea51449ecfbdea8639b28d8d1e4f0403f5e1f3b3e455d3d8c4beba7532a340d3
SHA512

75c3e606687909673ef9d8202e2fe7954d8c4d4d0bef3e0d8c67ab030243971d5f270acd9e6233ffecc0301606b99231083d9b8735345aa24705ed2ba90b9250
SSDEEP

384:50bUe5XB4e0X7OVFggUBZIG0WTEtTUFQqzFrObbW:CT9BuCDggUBZIzhbW

Score

10^/10

njrat nyan cat discovery

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

winddns.publicvm.com:5552

Mutex

9e1aa4ec9905

Attributes

reg_key
9e1aa4ec9905
splitter
@!#&^%$

Targets

- Target
  
  ea51449ecfbdea8639b28d8d1e4f0403f5e1f3b3e455d3d8c4beba7532a340d3.exe
- Size
  
  32KB
- MD5
  
  918c8dcbb3243a2f87b72605715c8cf6
- SHA1
  
  abfd379e56d21b16e630db9d9d81fe6e3326adc0
- SHA256
  
  ea51449ecfbdea8639b28d8d1e4f0403f5e1f3b3e455d3d8c4beba7532a340d3
- SHA512
  
  75c3e606687909673ef9d8202e2fe7954d8c4d4d0bef3e0d8c67ab030243971d5f270acd9e6233ffecc0301606b99231083d9b8735345aa24705ed2ba90b9250
- SSDEEP
  
  384:50bUe5XB4e0X7OVFggUBZIG0WTEtTUFQqzFrObbW:CT9BuCDggUBZIzhbW
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2