864259b607ed3dd2fc8873cd2e0fcbbb1b156bbf67afb55cbc41b8a83ae81b9a

General

Target: 864259b607ed3dd2fc8873cd2e0fcbbb1b156bbf67afb55cbc41b8a83ae81b9a
Size: 92KB
Sample: 210924-gx7mmagah8
Score: 10/10
MD5: d136709b5b24d88ea5e2f42821a5a996
SHA1: ce1371e3e78173266a95370856ad24412aaa9b23
SHA256: 864259b607ed3dd2fc8873cd2e0fcbbb1b156bbf67afb55cbc41b8a83ae81b9a
SHA512: 5642bef456efcb67dc7788a7af5296e5c856d66a10e31a0ff140641226f176d6c573e848bc3ad1680b8279f9a92bef6c7683f1a62b92df6f4883299df2c0bc6a

Signatures

  • njRAT/Bladabindi: Widely used RAT written in .NET.

  • Executes dropped EXE

  • Modifies Windows Firewall (TTPs: Modify Existing Service)

  • Loads dropped DLL

  • Adds Run key to start application (TTPs: Registry Run Keys / Startup Folder, Modify Registry)

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Privilege Escalation

Tasks

  • static1

  • behavioral1: 10/10

  • behavioral2: 10/10