2EB88BA0EC82B9BE5DEF15BFD603EBFB764089EC2B14D.exe

General

Target: 2EB88BA0EC82B9BE5DEF15BFD603EBFB764089EC2B14D.exe
Size: 40KB
Sample: 210915-abew6agea3
Score: 10/10
MD5: 1e59602b94507836f0fddb82d8c7ac04
SHA1: 1374bfc9639ae6583e79eb3cbd120a890dc3cb6b
SHA256: 2eb88ba0ec82b9be5def15bfd603ebfb764089ec2b14d2272feedc7b34630a01
SHA512: 8e103f07aad5fc7fc6e1238ebccb450f21d822e3a1eddcf061dd60c9b26eb86023770050fe9ae83f8dd1d31172bcb6208f3742d3d33958dac01481356a2610ed

Signatures

  • njRAT/Bladabindi

    Description: Widely used RAT written in .NET.

  • Executes dropped EXE

  • Modifies Windows Firewall

    TTPs: Modify Existing Service

  • Adds Run key to start application

    TTPs: Registry Run Keys / Startup Folder, Modify Registry

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Privilege Escalation

Tasks

  • static1

  • behavioral1: 10/10

  • behavioral2: 10/10