General
-
Target
a7ffebe2d929cb30d09a5f97bf04bf4d.exe
-
Size
37KB
-
Sample
211004-pfgc4sgdbk
-
MD5
a7ffebe2d929cb30d09a5f97bf04bf4d
-
SHA1
0973fa934cbac60167827c6131330f5c1455b6c2
-
SHA256
6d8714bcd12dc506609b53ee525e2ee435e154c3c4b1087c8285f3fd2e678dcd
-
SHA512
18ce4fa53d4dbce473c488260eeb641e8967cea99bbac480589ff4289b995f168a2b882a41c3e68f860e8e1a2b8d96bd850826895699fbf7966a4f97882661e2
Malware Config
Extracted
njrat
im523
HacKed
8.tcp.ngrok.io:18888
0b353c48530e21bc19ab5b01d126c6b8
-
reg_key
0b353c48530e21bc19ab5b01d126c6b8
-
splitter
|'|'|
Targets
-
-
Target
a7ffebe2d929cb30d09a5f97bf04bf4d.exe
-
Size
37KB
-
MD5
a7ffebe2d929cb30d09a5f97bf04bf4d
-
SHA1
0973fa934cbac60167827c6131330f5c1455b6c2
-
SHA256
6d8714bcd12dc506609b53ee525e2ee435e154c3c4b1087c8285f3fd2e678dcd
-
SHA512
18ce4fa53d4dbce473c488260eeb641e8967cea99bbac480589ff4289b995f168a2b882a41c3e68f860e8e1a2b8d96bd850826895699fbf7966a4f97882661e2
Score10/10-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Adds Run key to start application
-