Overview

overview

10

Static

static

32EB540257...61.exe

windows7_x64

10

32EB540257...61.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    32EB5402577CC2CF237816B597A6C466E63E373791561.exe

  • Size

    369KB

  • Sample

    210908-rlpyjshggn

  • MD5

    66bf6c9129b65e59e7f84d5f5e9f58c7

  • SHA1

    ada2de51f38ef11260874ee9ba1a5154ed8d2975

  • SHA256

    32eb5402577cc2cf237816b597a6c466e63e373791561cd74040e6569694ef91

  • SHA512

    f25c90c253ba7c7b3bec89d5231c27a1c70d6ed8abc87681df4cccf633bc7c9a2af8c2d8103a05be920cc02d3a28c58ea3933e29d4780824cbc6568b381b7d3b

Score
10/10
njratsuricatatrojan

Malware Config

Targets

    • Target

      32EB5402577CC2CF237816B597A6C466E63E373791561.exe

    • Size

      369KB

    • MD5

      66bf6c9129b65e59e7f84d5f5e9f58c7

    • SHA1

      ada2de51f38ef11260874ee9ba1a5154ed8d2975

    • SHA256

      32eb5402577cc2cf237816b597a6c466e63e373791561cd74040e6569694ef91

    • SHA512

      f25c90c253ba7c7b3bec89d5231c27a1c70d6ed8abc87681df4cccf633bc7c9a2af8c2d8103a05be920cc02d3a28c58ea3933e29d4780824cbc6568b381b7d3b

    Score
    10/10
    njratsuricatatrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

      suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

      suricata

    • Executes dropped EXE

    • Drops startup file

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks