d74e83ed5ab21b5c7d0a980d53c434fc7586f0f99d566b479496d2c723f79ee8

General
Target

d74e83ed5ab21b5c7d0a980d53c434fc7586f0f99d566b479496d2c723f79ee8

Size

717KB

Sample

210924-hzjh9agbgp

Score
10 /10
MD5

32c47ecaa256f8fa0d830e7624bed63e

SHA1

72c70ecb7e62e116b876c21dc37ef018239e97e5

SHA256

d74e83ed5ab21b5c7d0a980d53c434fc7586f0f99d566b479496d2c723f79ee8

SHA512

c80389394f5114c4acf4dad003d8668c51a128070011f8df56e86d8bf3fcd8468db11963a490e7a760bfd43b535e1afa2548c93c9d1cf6fbcded81ee824abdc4

Malware Config
Targets
Target

d74e83ed5ab21b5c7d0a980d53c434fc7586f0f99d566b479496d2c723f79ee8

MD5

32c47ecaa256f8fa0d830e7624bed63e

Filesize

717KB

Score
10 /10
SHA1

72c70ecb7e62e116b876c21dc37ef018239e97e5

SHA256

d74e83ed5ab21b5c7d0a980d53c434fc7586f0f99d566b479496d2c723f79ee8

SHA512

c80389394f5114c4acf4dad003d8668c51a128070011f8df56e86d8bf3fcd8468db11963a490e7a760bfd43b535e1afa2548c93c9d1cf6fbcded81ee824abdc4

Tags

Signatures

  • njRAT/Bladabindi

    Description

    Widely used RAT written in .NET.

    Tags

  • Executes dropped EXE

  • Modifies Windows Firewall

    Tags

    TTPs

    Modify Existing Service
  • Loads dropped DLL

  • Adds Run key to start application

    Tags

    TTPs

    Registry Run Keys / Startup Folder Modify Registry

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
        Execution
          Exfiltration
            Impact
              Initial Access
                Lateral Movement
                  Privilege Escalation
                    Tasks

                    static1

                    behavioral1

                    10/10

                    behavioral2

                    10/10