General

  • Target

    6d8b9855bb1cac5047517505dd6e11a0N.exe

  • Size

    337KB

  • Sample

    240722-gqsvwssbmp

  • MD5

    6d8b9855bb1cac5047517505dd6e11a0

  • SHA1

    016c9eeaca48d3dd5b82068697012ffe4a13d84a

  • SHA256

    04291c4c6c58d47bdd8445024e14c5d4e52da92185faad546dd1ad78123e111e

  • SHA512

    c1848811977e4d665797a3b57860b4186fddbcf4fa07afdf99cfab1230e7b00a4ae1f6063d2e894ef833cd0bddbfa4ef6bb96509ede0b78d968d62f00a3e9e51

  • SSDEEP

    3072:JLCCwLBw/vb1yhGQwk7gYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:5PN71yhBwk71+fIyG5jZkCwi8r

Malware Config

Targets

    • Target

      6d8b9855bb1cac5047517505dd6e11a0N.exe

    • Size

      337KB

    • MD5

      6d8b9855bb1cac5047517505dd6e11a0

    • SHA1

      016c9eeaca48d3dd5b82068697012ffe4a13d84a

    • SHA256

      04291c4c6c58d47bdd8445024e14c5d4e52da92185faad546dd1ad78123e111e

    • SHA512

      c1848811977e4d665797a3b57860b4186fddbcf4fa07afdf99cfab1230e7b00a4ae1f6063d2e894ef833cd0bddbfa4ef6bb96509ede0b78d968d62f00a3e9e51

    • SSDEEP

      3072:JLCCwLBw/vb1yhGQwk7gYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:5PN71yhBwk71+fIyG5jZkCwi8r

    • Adds autorun key to be loaded by Explorer.exe on startup

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks