e741074fedb4ec508e304ecb834d78aa.exe

General

Target: e741074fedb4ec508e304ecb834d78aa.exe
Size: 37KB
Sample: 210922-qsynlafdem
Score: 10/10
MD5: e741074fedb4ec508e304ecb834d78aa
SHA1: 2189c0ffa7ba0d2c64dd9dea2b00b967f4de2d93
SHA256: fdd90c147010114bf0d334c72cfba5a164c26b1f8fdd1e04271901f1152765dc
SHA512: 33a862402852c7604ade1b028a229d0915e8e096e80a97b7149aea85bfb33e13653e21bd2f476a09646186a31bb42acd2f990e701397ca786641c9c4d9539f53

Malware Config

Extracted

Family: njrat
Version: im523
Botnet: HacKed
C2: saw4.playit.gg,saw4.playit.gg:45882

Attributes
reg_key: 1415a49c1b8e6db79c0d85aa12addd1a
splitter: |'|'|

Signatures

  • suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)

  • Modifies Windows Firewall

    TTPs: Modify Existing Service

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Privilege Escalation

Tasks

static1: 10/10
behavioral1: 10/10
behavioral2: 10/10