General

  • Target

    b93f9d24487ec131cc56df0f7840eb80N.exe

  • Size

    128KB

  • Sample

    240731-qay7eavarm

  • MD5

    b93f9d24487ec131cc56df0f7840eb80

  • SHA1

    6f75602d33fa117a14ed75194b54141d74838cf9

  • SHA256

    e547328349f2c38e6584f1344796767892ae1c6ed94b2b3e0463cab4b2f3c255

  • SHA512

    f4e826b1a95141ab7bb7d2d042f4ff6efa40808d19d585deff49a0bb204bf5f9af6aa2f080827cb8fdc1f2cb3f6a11e1df1ea6393ca9ae44a4b68b5c5352cdc3

  • SSDEEP

    1536:aQZRAPbn8f/++FLlG5yZhWwF1DaYfMZRWuLsV+19/IP:hZyP4f3LlG5yZMwFgYfc0DV+1BIP

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
