Overview

overview

10

Static

static

10

c98c0a16d4...cs.exe

windows7-x64

10

c98c0a16d4...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c98c0a16d46ddc9742c5c0b4027ff790_NeikiAnalytics

  • Size

    337KB

  • Sample

    240514-rb5agsaa8v

  • MD5

    c98c0a16d46ddc9742c5c0b4027ff790

  • SHA1

    07530ab8ddbee716cb37e4bfdd6c50239e1397f3

  • SHA256

    c5a922c26d473f488f96f1c751298bbe952254918f5cfde54bd4f9c5557a1688

  • SHA512

    4b6e2353c8fecc8886e9c74051b79d38df85fc5100744a82ba9f1c93fba55e1fd7d8662d7ec07ee23818511c99f5bb370c363bfd4c22cca443052d3da315c81d

  • SSDEEP

    3072:90kzGtZ4v4wKnFE5ygYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:9VitZp7nFEy1+fIyG5jZkCwi8r

Score
10/10
njratpersistencetrojan

Malware Config

Targets

    • Target

      c98c0a16d46ddc9742c5c0b4027ff790_NeikiAnalytics

    • Size

      337KB

    • MD5

      c98c0a16d46ddc9742c5c0b4027ff790

    • SHA1

      07530ab8ddbee716cb37e4bfdd6c50239e1397f3

    • SHA256

      c5a922c26d473f488f96f1c751298bbe952254918f5cfde54bd4f9c5557a1688

    • SHA512

      4b6e2353c8fecc8886e9c74051b79d38df85fc5100744a82ba9f1c93fba55e1fd7d8662d7ec07ee23818511c99f5bb370c363bfd4c22cca443052d3da315c81d

    • SSDEEP

      3072:90kzGtZ4v4wKnFE5ygYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:9VitZp7nFEy1+fIyG5jZkCwi8r

    Score
    10/10
    njratpersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks