Overview

overview

10

Static

static

10

5257a4d911...cb.exe

windows7-x64

10

5257a4d911...cb.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    5257a4d911b8c84d56445bccaddfffa6f73fea822e044ae8bb4056a8d67d4ecb

  • Size

    337KB

  • Sample

    240326-ywfwysbb47

  • MD5

    29bcad03db19513c1601169b25b5b16a

  • SHA1

    12fa9d6566d915752cdf57bd09ace81cd41a9bc2

  • SHA256

    5257a4d911b8c84d56445bccaddfffa6f73fea822e044ae8bb4056a8d67d4ecb

  • SHA512

    c0b3eba3d447023b6389b23e21452e458e4a865c522d9305df5519cbc2bf0fd4be4fa82a3517a241ee08caad9e7e886f29700bbcdbe149b5ac44441b91e11663

  • SSDEEP

    3072:9+q9b4ekFMRJPw+P9r3RG6fgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:9Akw+P9FG6f1+fIyG5jZkCwi8r

Score
10/10
njratpersistencetrojan

Malware Config

Targets

    • Target

      5257a4d911b8c84d56445bccaddfffa6f73fea822e044ae8bb4056a8d67d4ecb

    • Size

      337KB

    • MD5

      29bcad03db19513c1601169b25b5b16a

    • SHA1

      12fa9d6566d915752cdf57bd09ace81cd41a9bc2

    • SHA256

      5257a4d911b8c84d56445bccaddfffa6f73fea822e044ae8bb4056a8d67d4ecb

    • SHA512

      c0b3eba3d447023b6389b23e21452e458e4a865c522d9305df5519cbc2bf0fd4be4fa82a3517a241ee08caad9e7e886f29700bbcdbe149b5ac44441b91e11663

    • SSDEEP

      3072:9+q9b4ekFMRJPw+P9r3RG6fgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:9Akw+P9FG6f1+fIyG5jZkCwi8r

    Score
    10/10
    njratpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks