B4D3E2A30B09D1F2F33476F5234BD7A045973DDBC41A7.exe

General
Target

B4D3E2A30B09D1F2F33476F5234BD7A045973DDBC41A7.exe

Size

145KB

Sample

210914-zvp9nsgch3

Score
10 /10
MD5

0598d93bdfe246d1ec2adb829fef6ef3

SHA1

09c7d8f4ad2172147da6f597b7160ee42bbad637

SHA256

b4d3e2a30b09d1f2f33476f5234bd7a045973ddbc41a72046c30bbdd19d5f1ef

SHA512

2ec32707470314c823f1f07e10f85662cbc0abd667016ff752d16ffca85b68aa65dccf45d56053058adbea38fed6533afaf7e261ee1fc67b27e16181988e2406

Malware Config
Targets
Target

B4D3E2A30B09D1F2F33476F5234BD7A045973DDBC41A7.exe

MD5

0598d93bdfe246d1ec2adb829fef6ef3

Filesize

145KB

Score
10/10
SHA1

09c7d8f4ad2172147da6f597b7160ee42bbad637

SHA256

b4d3e2a30b09d1f2f33476f5234bd7a045973ddbc41a72046c30bbdd19d5f1ef

SHA512

2ec32707470314c823f1f07e10f85662cbc0abd667016ff752d16ffca85b68aa65dccf45d56053058adbea38fed6533afaf7e261ee1fc67b27e16181988e2406

Tags

Signatures

  • njRAT/Bladabindi

    Description

    Widely used RAT written in .NET.

    Tags

  • Executes dropped EXE

  • Modifies Windows Firewall

    Tags

    TTPs

    Modify Existing Service
  • Drops startup file

  • Loads dropped DLL

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Execution
            Exfiltration
              Impact
                Initial Access
                  Lateral Movement
                    Privilege Escalation
                      Tasks

                      static1

                      behavioral1

                      10/10

                      behavioral2

                      10/10