General

  • Target

    a142637ef315b12c7a4fbd775d20aa0b.exe

  • Size

    158KB

  • Sample

    211222-anx89segd9

  • MD5

    a142637ef315b12c7a4fbd775d20aa0b

  • SHA1

    501987446d082e356c412827736b5b1a2ed04b47

  • SHA256

    c9d747511a0384a1269928fb6486411d045616865ba88062e46d8307e01c780b

  • SHA512

    2b0175f57c996fd6d2313db124154a2b63491ae2da57ca0794e3875b2e40b450381dfaad0ac538e0ec1bd05d9881159f3c01b90d28146e5cf988477f62f3776f

Malware Config

Targets

    • Target

      a142637ef315b12c7a4fbd775d20aa0b.exe

    • Size

      158KB

    • MD5

      a142637ef315b12c7a4fbd775d20aa0b

    • SHA1

      501987446d082e356c412827736b5b1a2ed04b47

    • SHA256

      c9d747511a0384a1269928fb6486411d045616865ba88062e46d8307e01c780b

    • SHA512

      2b0175f57c996fd6d2313db124154a2b63491ae2da57ca0794e3875b2e40b450381dfaad0ac538e0ec1bd05d9881159f3c01b90d28146e5cf988477f62f3776f

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • Modifies Windows Firewall

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks