Resubmissions

17/08/2024, 13:59

240817-rahp4asbnk 10

17/08/2024, 12:57

240817-p7ba6szbkm 10

General

  • Target

    9137de19bbc594d21e8f3fdaf5e0d900N.exe

  • Size

    337KB

  • Sample

    240817-rahp4asbnk

  • MD5

    9137de19bbc594d21e8f3fdaf5e0d900

  • SHA1

    01bb81cf289e4a0c2d5e4be9df379a9d3d81bf69

  • SHA256

    042477bcbd2d8640323d8bef444adcc435fed7fbc71c17a76753e4fa4ddb1b57

  • SHA512

    fa2ca7ea3c7c34e1c884fec14d787c17945ed8ad0b8c5432a67fc9b4fbbce94a5fe36ebecd26b88983dcd74ad42283a8f41f4b1730cccd08d3fd03d602fb4616

  • SSDEEP

    3072:hZyP4f3LlG5yZMwDgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:bZMwD1+fIyG5jZkCwi8r

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
