General

  • Target

    dcef596caae6d5ee4a68887658983ee88496fc9bc4579b096ee72b8e71211ffc

  • Size

    337KB

  • Sample

    240731-sd1whszakn

  • MD5

    c0111b277b705a4db59320e3461ba3b0

  • SHA1

    9f624d084e332649e03fbc192aa02321c0f210a8

  • SHA256

    dcef596caae6d5ee4a68887658983ee88496fc9bc4579b096ee72b8e71211ffc

  • SHA512

    2c6c4758a788e6b7b86200cbe675e874468ddbcdde0bafb450c8f76f53d66d23d77f0bb2762cb8aa20bb2c95dd4348d79e0012fb34d4eb7251c7a398f59746cb

  • SSDEEP

    3072:4q6otJHpu5rKegYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:0uJJu5Ke1+fIyG5jZkCwi8r

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
