Extracted

• • Target

    filetest.exe

  • Size

    33KB

  • MD5

    ef59fb3c39255044648423954f1da668

  • SHA1

    45cf2370789c5314fa2c57221ca02b6ef877be60

  • SHA256

    ed307213c0e62af8477e9ca939b045da7498c21d7c717011a78b3b2de8dfec3a

  • SHA512

    907aefa515e7df8dd215f57ec47d96e79cf5b63b0a4e7aeb81ed8ce2540796dd4281ce46d3b06b4bda4c250aec6bd62b83b5018979cea064fa7f37fd7e55f101

  • SSDEEP

    768:uR5KrKvDIAuBtvoY2vIP0S9QY3UuTWUSX94HPy8R9:rKvMnf2Ie+U1NX94vy8/

  Score

  10^/10

  njrathackeddefense_evasiondiscoverytrojan

  • njRAT/Bladabindi

    Widely used RAT written in .NET.

    trojannjrat

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Obfuscated Files or Information: Command Obfuscation

    Adversaries may obfuscate content during command execution to impede detection.

    defense_evasion
  behavioral1behavioral2