Overview

overview

10

Static

static

5

1e0fa172f8...3d.exe

windows7-x64

10

1e0fa172f8...3d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1e0fa172f8e8c36eb9dd901a10775bef1fa6eaa0948511f441a11a41b725673d

  • Size

    1003KB

  • Sample

    221127-jth6zabb88

  • MD5

    85c004bf3ab8cf01662cb288ea9ae5db

  • SHA1

    d3e547ca0ff0016d26f2fe195590c4c50a986aac

  • SHA256

    1e0fa172f8e8c36eb9dd901a10775bef1fa6eaa0948511f441a11a41b725673d

  • SHA512

    b2e253c33cf99c9643866cd15be67a196dcc94072def82ec22355d16e76dcb002b364e3a909b39ae1548253d0eaf992dcc86aa57ed0a708ebee331530ec39633

  • SSDEEP

    12288:OhkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4auFm:eRmJkcoQricOIQxiZY1iauFm

Score
10/10
njratmicrosoftpersistencephishingtrojan

Malware Config

Targets

    • Target

      1e0fa172f8e8c36eb9dd901a10775bef1fa6eaa0948511f441a11a41b725673d

    • Size

      1003KB

    • MD5

      85c004bf3ab8cf01662cb288ea9ae5db

    • SHA1

      d3e547ca0ff0016d26f2fe195590c4c50a986aac

    • SHA256

      1e0fa172f8e8c36eb9dd901a10775bef1fa6eaa0948511f441a11a41b725673d

    • SHA512

      b2e253c33cf99c9643866cd15be67a196dcc94072def82ec22355d16e76dcb002b364e3a909b39ae1548253d0eaf992dcc86aa57ed0a708ebee331530ec39633

    • SSDEEP

      12288:OhkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4auFm:eRmJkcoQricOIQxiZY1iauFm

    Score
    10/10
    njrattrojanmicrosoftpersistencephishing

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Adds Run key to start application

      persistence

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks