General

  • Target

    6d7ae815c7f472fb79545bc6a7a62150N.exe

  • Size

    337KB

  • Sample

    240731-fmlfzaxfrj

  • MD5

    6d7ae815c7f472fb79545bc6a7a62150

  • SHA1

    8c5b621a85ce1059a571937d1d2963ac2880c2ff

  • SHA256

    658c92dec468364c2d18bfa91b03b1bed692e93e710a283ef1f1763c151f9de8

  • SHA512

    37542e16073b607563a3343652486f7362262dead683a1350b820be1ab1045be2fc92ebb0bb60744ba201746dfdc8cb0f12280975fa0300f3973f05f721e9eaf

  • SSDEEP

    3072:eUc1odwyDiagYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:eJ1tyDia1+fIyG5jZkCwi8r

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
