General
Target: 2EB88BA0EC82B9BE5DEF15BFD603EBFB764089EC2B14D.exe
Size: 40KB
Sample: 210914-3wqhlsbdfr
MD5: 1e59602b94507836f0fddb82d8c7ac04
SHA1: 1374bfc9639ae6583e79eb3cbd120a890dc3cb6b
SHA256: 2eb88ba0ec82b9be5def15bfd603ebfb764089ec2b14d2272feedc7b34630a01
SHA512: 8e103f07aad5fc7fc6e1238ebccb450f21d822e3a1eddcf061dd60c9b26eb86023770050fe9ae83f8dd1d31172bcb6208f3742d3d33958dac01481356a2610ed
Static task: static1
Behavioral task: behavioral1
Sample: 2EB88BA0EC82B9BE5DEF15BFD603EBFB764089EC2B14D.exe
Resource: win7-en
Behavioral task: behavioral2
Sample: 2EB88BA0EC82B9BE5DEF15BFD603EBFB764089EC2B14D.exe
Resource: win10v20210408
Malware Config
Targets
Target: 2EB88BA0EC82B9BE5DEF15BFD603EBFB764089EC2B14D.exe
Score: 10/10
- suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
- suricata: ET MALWARE njrat ver 0.7d Malware CnC Callback (Capture)
- suricata: ET MALWARE njrat ver 0.7d Malware CnC Callback (Remote Desktop)
- suricata: ET MALWARE njrat ver 0.7d Malware CnC Callback Response (Remote Desktop)
- Executes dropped EXE
- Modifies Windows Firewall
- Adds Run key to start application