General

  • Target

    0159d5aa7f5767a859a87e247d3b6760N.exe

  • Size

    337KB

  • Sample

    240817-gdrgaszdqg

  • MD5

    0159d5aa7f5767a859a87e247d3b6760

  • SHA1

    ccf16757e20a95bf2e3345d7bedafe2b4e930775

  • SHA256

    965091fdb2a5dbec12f01720d9868bbd3afd0001afc54898ef4424385f4acf59

  • SHA512

    6ac8a441f974574b1fa5af8caff1a1c9842155d30338313a704b71571b17d085e7e511fee7b995f5162dd36ee9e1088da1edceb67f13bc6ee069b76ad44da372

  • SSDEEP

    3072:WUmbKWAMt8dEBkbdVgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:DmGWAMKdEBkhV1+fIyG5jZkCwi8r

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
