d53390e08acb0126eceb6eba27a1d9a0ce74b0441961f1f6ac1191ab61ff94fd

General
Target

d53390e08acb0126eceb6eba27a1d9a0ce74b0441961f1f6ac1191ab61ff94fd

Size

3MB

Sample

210922-qfhfvafcbp

Score
10 /10
MD5

4b4dc6e050a52577e40b23eb0f2f1643

SHA1

adc7f113b6fb190df89c41147a01206ab85411c5

SHA256

d53390e08acb0126eceb6eba27a1d9a0ce74b0441961f1f6ac1191ab61ff94fd

SHA512

3e9e205d10ea3fab1d436cccc157627103e41ff857da7ff733e3cf95cdae9f2e149f8d3b9817c4035edf9bc5de4d62ec6744d7d2c67321f28ef18d5b6ec77ca0

Malware Config
Targets
Target

d53390e08acb0126eceb6eba27a1d9a0ce74b0441961f1f6ac1191ab61ff94fd

MD5

4b4dc6e050a52577e40b23eb0f2f1643

Filesize

3MB

Score
10 /10
SHA1

adc7f113b6fb190df89c41147a01206ab85411c5

SHA256

d53390e08acb0126eceb6eba27a1d9a0ce74b0441961f1f6ac1191ab61ff94fd

SHA512

3e9e205d10ea3fab1d436cccc157627103e41ff857da7ff733e3cf95cdae9f2e149f8d3b9817c4035edf9bc5de4d62ec6744d7d2c67321f28ef18d5b6ec77ca0

Tags

Signatures

  • njRAT/Bladabindi

    Description

    Widely used RAT written in .NET.

    Tags

  • Executes dropped EXE

  • Modifies Windows Firewall

    Tags

    TTPs

    Modify Existing Service
  • Drops startup file

  • Loads dropped DLL

  • Adds Run key to start application

    Tags

    TTPs

    Registry Run Keys / Startup Folder Modify Registry

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
        Execution
          Exfiltration
            Impact
              Initial Access
                Lateral Movement
                  Privilege Escalation
                    Tasks

                    static1

                    behavioral1

                    10/10

                    behavioral2

                    10/10