Overview

overview

10

Static

static

10

8ac23a3fc7...f8.exe

windows7-x64

10

8ac23a3fc7...f8.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ac23a3fc70451ed209a74c754fef8d813741d16e62581379764bdc35a9938f8

  • Size

    337KB

  • Sample

    240831-3tw8dasfnc

  • MD5

    223e27a19d124388c571f62ab389dd1f

  • SHA1

    debe0ff284d631924d750c7b0d71324e2116bba9

  • SHA256

    8ac23a3fc70451ed209a74c754fef8d813741d16e62581379764bdc35a9938f8

  • SHA512

    6cabd32570bb27b6ff09bc6b87d232aacfad5ace126d8ef2fb749134ed87234394a829d147a8534f362d494c4c056280a81f84629b0abded19c3d776c051aecf

  • SSDEEP

    3072:4K/ghVgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:4K/ghV1+fIyG5jZkCwi8r

Score
10/10
njratdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      8ac23a3fc70451ed209a74c754fef8d813741d16e62581379764bdc35a9938f8

    • Size

      337KB

    • MD5

      223e27a19d124388c571f62ab389dd1f

    • SHA1

      debe0ff284d631924d750c7b0d71324e2116bba9

    • SHA256

      8ac23a3fc70451ed209a74c754fef8d813741d16e62581379764bdc35a9938f8

    • SHA512

      6cabd32570bb27b6ff09bc6b87d232aacfad5ace126d8ef2fb749134ed87234394a829d147a8534f362d494c4c056280a81f84629b0abded19c3d776c051aecf

    • SSDEEP

      3072:4K/ghVgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:4K/ghV1+fIyG5jZkCwi8r

    Score
    10/10
    njratdiscoverypersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks