Overview

overview

10

Static

static

10

eb86ed6020...a5.exe

windows7-x64

10

eb86ed6020...a5.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    eb86ed602095dde4f5f02f6373ea286991b211e95ffb354fb94177b49f332aa5

  • Size

    337KB

  • Sample

    240907-ba58dswgqc

  • MD5

    b0ced3d87f0068114a9bb19f7b3f2380

  • SHA1

    7f589701ebef81b078b93d1378035841e72b8a86

  • SHA256

    eb86ed602095dde4f5f02f6373ea286991b211e95ffb354fb94177b49f332aa5

  • SHA512

    3e4ac9469b6ed73feb99d6c1893aedbe8c34c1520f7c46a4252a5b11848ba8c0581f2c0bfb6ce7eb27b20b6332489b826d50ff51e3ab1b35bd58acb19ba5be6b

  • SSDEEP

    3072:WDZf9X2dusfKgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:aZf9XT4K1+fIyG5jZkCwi8r

Score
10/10
njratdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      eb86ed602095dde4f5f02f6373ea286991b211e95ffb354fb94177b49f332aa5

    • Size

      337KB

    • MD5

      b0ced3d87f0068114a9bb19f7b3f2380

    • SHA1

      7f589701ebef81b078b93d1378035841e72b8a86

    • SHA256

      eb86ed602095dde4f5f02f6373ea286991b211e95ffb354fb94177b49f332aa5

    • SHA512

      3e4ac9469b6ed73feb99d6c1893aedbe8c34c1520f7c46a4252a5b11848ba8c0581f2c0bfb6ce7eb27b20b6332489b826d50ff51e3ab1b35bd58acb19ba5be6b

    • SSDEEP

      3072:WDZf9X2dusfKgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:aZf9XT4K1+fIyG5jZkCwi8r

    Score
    10/10
    njratdiscoverypersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks