Extracted

• • Target

    85e63cb6ed366d4b548bfff49528e6ac

  • Size

    1.4MB

  • MD5

    85e63cb6ed366d4b548bfff49528e6ac

  • SHA1

    d58aeb222fff4730f194346b793b6e1a2773dba9

  • SHA256

    c2cf11a33909db8e4043e88b0119f099d9360fd1f275f4c5b3f7fd204048815c

  • SHA512

    44f3c62b38e3a88cef16c5f541354bcdad7a528e73df2c8694f2826da9ec8dbdd76e2015bc41ba657f6440581e8ce001eb4fde6a1ad7e14afd5c343adc71a647

  • SSDEEP

    24576:Gk/y1uiGoqf3GKjvYyCzbkI8DOhjrqnXDGX72e6meg:GQy1ubo0GKrhCzbkxSIXDGr2er

  Score

  10^/10

  njrathackedtrojanmicrosoftphishing

  • njRAT/Bladabindi

    Widely used RAT written in .NET.

    trojannjrat

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • Detected potential entity reuse from brand microsoft.

    phishingmicrosoft

  • Suspicious use of SetThreadContext

  behavioral1behavioral2