General
-
Target
43243098865dc17b6e938b2c38c9ca57c0cc3a46ed08fe5a02e4f2237a7a5342
-
Size
359KB
-
Sample
221127-y7spwsfe47
-
MD5
07c4f7117a76702bbaa8b2bfdcc0d57a
-
SHA1
d972db6716223c10c264c08c51443dfb7d760f09
-
SHA256
43243098865dc17b6e938b2c38c9ca57c0cc3a46ed08fe5a02e4f2237a7a5342
-
SHA512
5a16e7e3f28220d9f7ddbcca2ad430cd3a6c3af8da53c4293831d8b868f67ca69833ffd31bd5b92f89da8480967fc87d477fbb151993cb78b576b36948164724
-
SSDEEP
6144:uSFUXrX1/aniqx4wIs87ecmrmjHxCw/K/y3EI1mYd06/aZ9saIUZyNRPihm0/s:uOUj1/a54Kyrd/51mYtE9l4PAL/s
Malware Config
Targets
-
-
Target
43243098865dc17b6e938b2c38c9ca57c0cc3a46ed08fe5a02e4f2237a7a5342
-
Size
359KB
-
MD5
07c4f7117a76702bbaa8b2bfdcc0d57a
-
SHA1
d972db6716223c10c264c08c51443dfb7d760f09
-
SHA256
43243098865dc17b6e938b2c38c9ca57c0cc3a46ed08fe5a02e4f2237a7a5342
-
SHA512
5a16e7e3f28220d9f7ddbcca2ad430cd3a6c3af8da53c4293831d8b868f67ca69833ffd31bd5b92f89da8480967fc87d477fbb151993cb78b576b36948164724
-
SSDEEP
6144:uSFUXrX1/aniqx4wIs87ecmrmjHxCw/K/y3EI1mYd06/aZ9saIUZyNRPihm0/s:uOUj1/a54Kyrd/51mYtE9l4PAL/s
Score10/10-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Adds Run key to start application
-