General

  • Target

    721ce91db1511b614eda698111dcd68c.bin

  • Size

    24KB

  • Sample

    240529-ckpttsec91

  • MD5

    227934619ad3b75e61d6886d9ce438a6

  • SHA1

    0835b784062dce33466de6ef18452bc49ec4d1e6

  • SHA256

    b7c33b60482c052b704f13e0747dc97ae4384faf9e4bb3fb9a1b7ca0ab1441e2

  • SHA512

    0827be1ff6a36df36d2e66bb54dbc081acb100a43f0b76f0d886b3ff32786cef5638fa8dfee78a1f10cf0fe05f9267e686c05a794dfb6d546f02e31be77d700f

  • SSDEEP

    384:ypUBbQu/n6XqKw8qAhar5AVtyhh5Wt0aVQu+GLQjgno0DonKGQKHVEE:bBQu/CNxyWeMWaVQu+gQsno08KGJEE

Score
10/10

Malware Config

Targets

    • Target

      405062f7037cddb27c2d1df1f9e371f512e14d83da7d878e516c5267a1944d3f.exe

    • Size

      77KB

    • MD5

      721ce91db1511b614eda698111dcd68c

    • SHA1

      34a5ef03e4fe55a3afbd59b08f60c3625d9788bc

    • SHA256

      405062f7037cddb27c2d1df1f9e371f512e14d83da7d878e516c5267a1944d3f

    • SHA512

      72de4cbd417bd85a1bc78ed82656e985190644a34707377d7b1c473f2ead4d6f64599963f93b0ab224fdbb8000959555309d33080ecdedaea6d5140e8f758d44

    • SSDEEP

      1536:LgMXVCT+m0yMVABCafXAbfuLbqp0pAUg0In2aKp+cyf8FIvy5hLy5y7OW8DtbNyg:0oIT+m0xVABCafXAbWLbqp0pAUg0Y2aN

    Score
    10/10
    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks