PO #KV18RE001-A5871.pif.exe

General

Target: PO #KV18RE001-A5871.pif.exe
Size: 149KB
Sample: 210921-xr3dqachgp
Score: 10/10
MD5: 25d8edcbfc7380216bb0ef29d66e8ff1
SHA1: b24f4b08cf73da046421ec55b2520b1e89e9400b
SHA256: fc960e98dee6286927405864b8d0f7044eb5241f3e8523fb186e44633ea4e303
SHA512: 0814f303286b6e42fc8ebf3cced57f1c5b52d9c83a41118b181a525c16d6da18a61119c8fc2c5a53102839de45727416bb9bea13638e798612b564baa893d0c2

Signatures

  • njRAT/Bladabindi

    Description

    Widely used RAT written in .NET.

  • suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

  • Modifies Windows Firewall

    TTPs

    Modify Existing Service

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Privilege Escalation

Tasks

  • static1
  • behavioral1: 10/10
  • behavioral2: 10/10