Overview

overview

10

Static

static

B4D3E2A30B...A7.exe

windows7_x64

10

B4D3E2A30B...A7.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    B4D3E2A30B09D1F2F33476F5234BD7A045973DDBC41A7.exe

  • Size

    145KB

  • Sample

    210914-zvp9nsgch3

  • MD5

    0598d93bdfe246d1ec2adb829fef6ef3

  • SHA1

    09c7d8f4ad2172147da6f597b7160ee42bbad637

  • SHA256

    b4d3e2a30b09d1f2f33476f5234bd7a045973ddbc41a72046c30bbdd19d5f1ef

  • SHA512

    2ec32707470314c823f1f07e10f85662cbc0abd667016ff752d16ffca85b68aa65dccf45d56053058adbea38fed6533afaf7e261ee1fc67b27e16181988e2406

Score
10/10
njratevasiontrojan

Malware Config

Targets

    • Target

      B4D3E2A30B09D1F2F33476F5234BD7A045973DDBC41A7.exe

    • Size

      145KB

    • MD5

      0598d93bdfe246d1ec2adb829fef6ef3

    • SHA1

      09c7d8f4ad2172147da6f597b7160ee42bbad637

    • SHA256

      b4d3e2a30b09d1f2f33476f5234bd7a045973ddbc41a72046c30bbdd19d5f1ef

    • SHA512

      2ec32707470314c823f1f07e10f85662cbc0abd667016ff752d16ffca85b68aa65dccf45d56053058adbea38fed6533afaf7e261ee1fc67b27e16181988e2406

    Score
    10/10
    njratevasiontrojan

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Executes dropped EXE

    • Modifies Windows Firewall

      evasion

    • Drops startup file

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

1
T1031

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks