Extracted

• • Target

    2046b546c4352659a1e2132266320026.exe

  • Size

    91KB

  • MD5

    2046b546c4352659a1e2132266320026

  • SHA1

    d15304e8c03154cd7b7f76cf5d52bed7829d86c2

  • SHA256

    ba0a08f59f11d391d5ce008ac55d5833b6cebcc8663f2f30e3adef69aa24b483

  • SHA512

    c35760457c2742dc73695ab1fffa53ab337a38e576493af7be80a53b738bc0891c5994776fce1f22213dc32343ebea46425e5c0d871da47333f0b04423ea52cd

  • SSDEEP

    1536:gnEM6IsSOu4wDa1W14z+B2WfkXIVR1zpuv:2E3wDa1WwoKIVRXu

  Score

  10^/10

  njratevasiontrojan

  • njRAT/Bladabindi

    Widely used RAT written in .NET.

    trojannjrat

  • Modifies Windows Firewall

    evasion

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Legitimate hosting services abused for malware hosting/C2

  • Drops autorun.inf file

    Malware can abuse Windows Autorun to spread further via attached volumes.

  behavioral1behavioral2