Analysis

  • max time kernel
    93s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    03/02/2024, 04:25

General

  • Target

    8b649cd89dd2b17ae41ca151fe38c546.exe

  • Size

    266KB

  • MD5

    8b649cd89dd2b17ae41ca151fe38c546

  • SHA1

    8a6797f9a3dc2852f06b5de6082c7400a3299f2b

  • SHA256

    ce3d91f22ab6e223326ecdb45238e955e9f73b85099ea41c87bc9bbba0ab7a38

  • SHA512

    3d45bb2d3a667853da87c6a7939d25d6a8bd0ecebfd293bae7db85af6b12ae1abbe32e569c8fb712cc62b6aa606a7b0c731ef01206cfaa46aee21e5d1756cdab

  • SSDEEP

    3072:2EOfbVRwq24k1sz/5/TetO3gSZi8JTmC/o9sdjYHjkeELJfj:qbVmr1Q9iSDaC3HLF

Score
10/10

Malware Config

Signatures

  • njRAT/Bladabindi

    Widely used RAT written in .NET.

  • Drops desktop.ini file(s) (2 IoCs)
  • Drops file in Windows directory (3 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\8b649cd89dd2b17ae41ca151fe38c546.exe
    "C:\Users\Admin\AppData\Local\Temp\8b649cd89dd2b17ae41ca151fe38c546.exe"
    • Drops desktop.ini file(s)
    • Drops file in Windows directory
    PID:3760

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/3760-0-0x00007FF9ACE90000-0x00007FF9AD831000-memory.dmp

          Filesize

          9.6MB

        • memory/3760-1-0x0000000001960000-0x0000000001970000-memory.dmp

          Filesize

          64KB

        • memory/3760-2-0x00007FF9ACE90000-0x00007FF9AD831000-memory.dmp

          Filesize

          9.6MB

        • memory/3760-3-0x0000000001A80000-0x0000000001A90000-memory.dmp

          Filesize

          64KB

        • memory/3760-7-0x00007FF9ACE90000-0x00007FF9AD831000-memory.dmp

          Filesize

          9.6MB