Overview

overview

10

Static

static

10

NEAS.6c782...a0.exe

windows7-x64

10

NEAS.6c782...a0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.6c782488de092bc32a74487d3f11efa0.exe

  • Size

    337KB

  • Sample

    231107-dxk7vacb98

  • MD5

    6c782488de092bc32a74487d3f11efa0

  • SHA1

    637c47ddf7e8273ca2cd7caef6934a7428d59e53

  • SHA256

    8744dfee40742459cfacef056473b60302d427655dfc3c77a644626f70d38afd

  • SHA512

    ace64b827fc9b8ad2ccf77522208c22ff7f37e4129d8491958938896480e05a7bf5bfb353e13a31cb0fd39e37a6f318385a92235837f7c84c69f8e1c196dbd0f

  • SSDEEP

    3072:sze5/2turAA4254gYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:ae5/2tSAA4O41+fIyG5jZkCwi8r

Score
10/10
njratpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.6c782488de092bc32a74487d3f11efa0.exe

    • Size

      337KB

    • MD5

      6c782488de092bc32a74487d3f11efa0

    • SHA1

      637c47ddf7e8273ca2cd7caef6934a7428d59e53

    • SHA256

      8744dfee40742459cfacef056473b60302d427655dfc3c77a644626f70d38afd

    • SHA512

      ace64b827fc9b8ad2ccf77522208c22ff7f37e4129d8491958938896480e05a7bf5bfb353e13a31cb0fd39e37a6f318385a92235837f7c84c69f8e1c196dbd0f

    • SSDEEP

      3072:sze5/2turAA4254gYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:ae5/2tSAA4O41+fIyG5jZkCwi8r

    Score
    10/10
    njratpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks