Overview

overview

10

Static

static

10

0b2aef8463...e0.exe

windows7_x64

10

0b2aef8463...e0.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    33s
  • max time network
    7s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    30-06-2022 19:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0b2aef8463fb5a82c4946f071aa0343c562ddab2fcdc82b8147a9e29a79d79e0.exe

  • Size

    29KB

  • MD5

    0b91736e6d90f5b55e04882d0cedfa48

  • SHA1

    c15bdf3df0a9eb1d7ffe88c9175f28e9687e6053

  • SHA256

    0b2aef8463fb5a82c4946f071aa0343c562ddab2fcdc82b8147a9e29a79d79e0

  • SHA512

    b4b5a02c2b053790867dea292d60a610ae360a4356784660bf5c2770c38b18ab7468049d0c029dacbe3ae3aec615aa78a09e5755691207e7d08ba34c0bcab69a

Score
10/10
njrattrojan

Malware Config

Signatures

  • njRAT/Bladabindi

    Widely used RAT written in .NET.

    trojannjrat

Processes

  • C:\Users\Admin\AppData\Local\Temp\0b2aef8463fb5a82c4946f071aa0343c562ddab2fcdc82b8147a9e29a79d79e0.exe
    "C:\Users\Admin\AppData\Local\Temp\0b2aef8463fb5a82c4946f071aa0343c562ddab2fcdc82b8147a9e29a79d79e0.exe"
    1⤵
      PID:4736
      • C:\Users\Admin\AppData\Local\Temp\sestm.exe
        "C:\Users\Admin\AppData\Local\Temp\sestm.exe"
        2⤵
          PID:4648

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Temp\sestm.exe
        Filesize

        9KB

        MD5

        725bab3ed37f7c0b58070b6453b1fe92

        SHA1

        d7687c8c9671ca094ceca78b5a2e2f4dc1cb2fdf

        SHA256

        51edcb881243cadb5e6184827fdf974c2413059e8ac3593c62d87cafec767217

        SHA512

        0807f83d4d3bb1814f4c68e84b2bec7bea180e466e3157b4bcf7a0ebcac4d3036eed214569886cba17f6adaf628991a04452d0f884e8b7637d82c1c45df2b778

        Download Submit
      • C:\Users\Admin\AppData\Local\Temp\sestm.exe
        Filesize

        14KB

        MD5

        da8a450cb540de85b7d950a8b9a29a70

        SHA1

        4cb70f3b26169498e6bae91500d88dc108200607

        SHA256

        8518149a1f6ca6a002c59e7ceea0611bfa0cba399242d52f1c24d5f01f01d7cf

        SHA512

        fc30935b0cbe00f2f0657f5e5ec3783a6ea97ad8ade067158ac9c0dbcec788141b973fcb0585ec9c9397b2ccd98cf043492eb3ddfc13f82cda3e24406ac62235

        Download Submit
      • memory/4648-131-0x0000000000000000-mapping.dmp
        Download
      • memory/4648-135-0x0000000074D80000-0x0000000075331000-memory.dmp
        Filesize

        5.7MB

        Download
      • memory/4736-130-0x0000000074D80000-0x0000000075331000-memory.dmp
        Filesize

        5.7MB

        Download
      • memory/4736-134-0x0000000074D80000-0x0000000075331000-memory.dmp
        Filesize

        5.7MB

        Download