Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/02/2024, 04:25

General

  • Target

    8b649cd89dd2b17ae41ca151fe38c546.exe

  • Size

    266KB

  • MD5

    8b649cd89dd2b17ae41ca151fe38c546

  • SHA1

    8a6797f9a3dc2852f06b5de6082c7400a3299f2b

  • SHA256

    ce3d91f22ab6e223326ecdb45238e955e9f73b85099ea41c87bc9bbba0ab7a38

  • SHA512

    3d45bb2d3a667853da87c6a7939d25d6a8bd0ecebfd293bae7db85af6b12ae1abbe32e569c8fb712cc62b6aa606a7b0c731ef01206cfaa46aee21e5d1756cdab

  • SSDEEP

    3072:2EOfbVRwq24k1sz/5/TetO3gSZi8JTmC/o9sdjYHjkeELJfj:qbVmr1Q9iSDaC3HLF

Score
10/10

Malware Config

Signatures

  • njRAT/Bladabindi

    Widely used RAT written in .NET.

Processes

  • C:\Users\Admin\AppData\Local\Temp\8b649cd89dd2b17ae41ca151fe38c546.exe
    "C:\Users\Admin\AppData\Local\Temp\8b649cd89dd2b17ae41ca151fe38c546.exe"
      PID:1984

    Network

          MITRE ATT&CK Matrix

          Downloads

          • memory/1984-0-0x0000000000260000-0x0000000000270000-memory.dmp

            Filesize

            64KB

          • memory/1984-2-0x000007FEF54C0000-0x000007FEF5E5D000-memory.dmp

            Filesize

            9.6MB

          • memory/1984-1-0x000007FEF54C0000-0x000007FEF5E5D000-memory.dmp

            Filesize

            9.6MB

          • memory/1984-3-0x000007FEF54C0000-0x000007FEF5E5D000-memory.dmp

            Filesize

            9.6MB