Overview

overview

10

Static

static

f017095cdf...1e.exe

windows7-x64

10

f017095cdf...1e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f017095cdf1cbf7233e5519ef552c54a5e368b77c93463cbe5cc870073125a1e

  • Size

    119KB

  • Sample

    221123-lm2e3sbg45

  • MD5

    a2c0c503a303c78519e0104cddb91f57

  • SHA1

    98e36bf431858c6ca2e8bd496e2e97c94a22a3e6

  • SHA256

    f017095cdf1cbf7233e5519ef552c54a5e368b77c93463cbe5cc870073125a1e

  • SHA512

    355ca56fde6f9ad14a43db00d6d7e93eb888280ac8f47918227395bb327fd8178fb2e28d86e2acd4e8ce16587debc72743d6d8db4b342dd6ed23491522b4bd88

  • SSDEEP

    3072:69VavzPmqj2By1qDrbCMB6Z4H6aD9TywlD3HIHxvIYngX0P:hz2bCU6b8bD3Oxnnk

Score
10/10
njratevasionpersistencetrojan

Malware Config

Targets

    • Target

      f017095cdf1cbf7233e5519ef552c54a5e368b77c93463cbe5cc870073125a1e

    • Size

      119KB

    • MD5

      a2c0c503a303c78519e0104cddb91f57

    • SHA1

      98e36bf431858c6ca2e8bd496e2e97c94a22a3e6

    • SHA256

      f017095cdf1cbf7233e5519ef552c54a5e368b77c93463cbe5cc870073125a1e

    • SHA512

      355ca56fde6f9ad14a43db00d6d7e93eb888280ac8f47918227395bb327fd8178fb2e28d86e2acd4e8ce16587debc72743d6d8db4b342dd6ed23491522b4bd88

    • SSDEEP

      3072:69VavzPmqj2By1qDrbCMB6Z4H6aD9TywlD3HIHxvIYngX0P:hz2bCU6b8bD3Oxnnk

    Score
    10/10
    evasionpersistencenjrattrojan

    • Modifies WinLogon for persistence

      persistence

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Modifies Windows Firewall

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks