General

  • Target

    ae89f0aae649e30d702c5bc4c64b5686.exe

  • Size

    112KB

  • Sample

    240414-kh5q9saa7x

  • MD5

    ae89f0aae649e30d702c5bc4c64b5686

  • SHA1

    b567789332b970ea670019c0324c281919aed5a7

  • SHA256

    a143672095433afb4ea52c7db7360fa0e185840a7a42b0093caed16409b70422

  • SHA512

    fec51b2586bd1ac6190a7bf8f2174313949269549dc17574a4ec7a8f6b82149df129fd2eb0e5445aa5460986b0757d61c2731b4f8bde115eead17fdced5bc4a0

  • SSDEEP

    1536:0hhUGKU9cLLmMSGmY1ybK8Bo8qDSnXY1DaYfMZRWuLsV+19/IP:YKUWLLFWQ94TnXYgYfc0DV+1BIP

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
