njrat | 1c7c4d743ec43bf257948889b3c1709a00b0c7e25b6d69c0c87bde32f206897c | Triage

Sharing

General

Target

JaffaCakes118_cc6f1af610f7b87142fd78826ead49f0
Size

1.2MB
Sample

250109-th9vnawldq
MD5

cc6f1af610f7b87142fd78826ead49f0
SHA1

223702185058c5c8be8f5ce0f85fd03d925d7f55
SHA256

1c7c4d743ec43bf257948889b3c1709a00b0c7e25b6d69c0c87bde32f206897c
SHA512

bbea6c3c02f8fbf1392e4c5407ee87f0cc899d62accefffec5f0f24d3a54ab6471b647a3159c60a14282165530394dccc85970c9ed111710e4eba1e42ef60073
SSDEEP

24576:WPek78oKgJRrLFbjPjy9WWmbY88TFCbJ4i80:WPX8oz7PFnP0X81SE

Score

10^/10

njrat nyan cat discovery trojan

Malware Config

Extracted

Family

njrat

Version

0.7NC

Botnet

NYAN CAT

C2

milla.publicvm.com:5050

Mutex

ae5c312ad13e4985

Attributes

reg_key
ae5c312ad13e4985
splitter
@!#&^%$

Targets

- Target
  
  JaffaCakes118_cc6f1af610f7b87142fd78826ead49f0
- Size
  
  1.2MB
- MD5
  
  cc6f1af610f7b87142fd78826ead49f0
- SHA1
  
  223702185058c5c8be8f5ce0f85fd03d925d7f55
- SHA256
  
  1c7c4d743ec43bf257948889b3c1709a00b0c7e25b6d69c0c87bde32f206897c
- SHA512
  
  bbea6c3c02f8fbf1392e4c5407ee87f0cc899d62accefffec5f0f24d3a54ab6471b647a3159c60a14282165530394dccc85970c9ed111710e4eba1e42ef60073
- SSDEEP
  
  24576:WPek78oKgJRrLFbjPjy9WWmbY88TFCbJ4i80:WPX8oz7PFnP0X81SE
Score

10^/10

njrat nyan cat discovery trojan
- Njrat family
  njrat
- njRAT/Bladabindi
  Widely used RAT written in .NET.
  trojan njrat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

njratnyan catdiscoverytrojan

behavioral2

njratnyan catdiscoverytrojan