Extracted

• • Target

    844652fb604b2b25b8ed69569eac116f46bbdc219fbc8e4be0c55aa1e6454ffd

  • Size

    42KB

  • MD5

    cc2f5f3dfe758d7d8621a7435a3f9b79

  • SHA1

    b6745fa897f2d7e2791b3f4014eaf05e08eac100

  • SHA256

    844652fb604b2b25b8ed69569eac116f46bbdc219fbc8e4be0c55aa1e6454ffd

  • SHA512

    c251250372928d0f0d2198d772c939c8a3b5a5ea5127ca7539a2c0ca728f81965ccda49f05d076a457019b9646eafa3b468fff9b86c7c158cff80b6012e02e13

  Score

  10^/10

  njratfuriosevasionpersistencetrojan

  • njRAT/Bladabindi

    Widely used RAT written in .NET.

    trojannjrat

  • Executes dropped EXE

  • Modifies Windows Firewall

    evasion

  • Drops startup file

  • Adds Run key to start application

    persistence

  • Drops autorun.inf file

    Malware can abuse Windows Autorun to spread further via attached volumes.

  behavioral1