13b95e2c39f004190e3f58bcb70572503ffe3ffc7a8d0847ddc903b1f6379077 | Triage

Submit
Reports

Overview

overview

Static

static

bCC1.exe

windows7_x64

bCC1.exe

windows10-2004_x64

Analysis

max time kernel
150s
max time network
153s
platform
windows7_x64
resource
win7-20220414-en
submitted
13-07-2022 21:00

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

bCC1.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

bCC1.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

bCC1.exe
Size

36KB
MD5

f4d773204535e8e3f72597c16c09f2cd
SHA1

c783cb23b76d158d5f69e5126a73fec46c3a7c99
SHA256

13b95e2c39f004190e3f58bcb70572503ffe3ffc7a8d0847ddc903b1f6379077
SHA512

5ea85c0b9ffe26945feeaafb917566374c47bcffb9ae1144258bdd917f9936885532591e41055ee1f88c33ae11c0e42435f60d7f36f1cd5cdcc82154417aad31

Score

10^/10

suricata

Malware Config

Signatures

suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
suricata: ET MALWARE Generic njRAT/Bladabindi CnC Activity (ll)
suricata
Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

Processes

C:\Users\Admin\AppData\Local\Temp\bCC1.exe
"C:\Users\Admin\AppData\Local\Temp\bCC1.exe"
1⤵
PID:1364

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Web Service

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1364-54-0x000007FEF4A60000-0x000007FEF5483000-memory.dmp

Filesize
10.1MB

Download
memory/1364-55-0x000007FEF3780000-0x000007FEF4816000-memory.dmp

Filesize
16.6MB

Download

© 2018-2024

Terms | Privacy