General
-
Target
ad24b1319a3a895d8b83a0deae7eac57.exe
-
Size
78KB
-
Sample
211216-pjw8qscgar
-
MD5
ad24b1319a3a895d8b83a0deae7eac57
-
SHA1
81f2908cbb43a41fac8208a9805c06521331f512
-
SHA256
63d4943fbc9e572db52df96729327f29c0342f7b7f192d823dc7a322116f033d
-
SHA512
b061a04845024ed69a1da828f2c85f9f47ff8a5214db47231645db4eef639d18b7c1e6d97e0751ee977e84eca4e4561a8963f1d8468ac424f55a2844e4719231
Malware Config
Extracted
njrat
0.7.3
Lime
daudas.ddns.net:7075
Client.exe
-
reg_key
Client.exe
-
splitter
12345
Targets
-
-
Target
ad24b1319a3a895d8b83a0deae7eac57.exe
-
Size
78KB
-
MD5
ad24b1319a3a895d8b83a0deae7eac57
-
SHA1
81f2908cbb43a41fac8208a9805c06521331f512
-
SHA256
63d4943fbc9e572db52df96729327f29c0342f7b7f192d823dc7a322116f033d
-
SHA512
b061a04845024ed69a1da828f2c85f9f47ff8a5214db47231645db4eef639d18b7c1e6d97e0751ee977e84eca4e4561a8963f1d8468ac424f55a2844e4719231
Score10/10-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
-
suricata: ET MALWARE njRAT/Bladabindi Variant (Lime) CnC Checkin
suricata: ET MALWARE njRAT/Bladabindi Variant (Lime) CnC Checkin
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-