Overview

overview

10

Static

static

10

ff73442592...03.exe

windows7-x64

10

ff73442592...03.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ff734425928c8f2b5bf66189fa67cd452a8ede1f867c773fa0f91ad2deb65103.exe

  • Size

    337KB

  • Sample

    240908-fvt33s1aja

  • MD5

    90150209cb43f0e4cdc34991b4d22615

  • SHA1

    9b7785e6206d1d55a5e46ea25c0ddd91cc14a7bf

  • SHA256

    ff734425928c8f2b5bf66189fa67cd452a8ede1f867c773fa0f91ad2deb65103

  • SHA512

    a94181068e880f2cc28077298a30feea012cf9cf2cfebfe3650a0856296903720b0e062255dbee4709eff9b8a847b7c2ab06ca849995b868ed2212e13eaa92a5

  • SSDEEP

    3072:PD3UDRaQGo6qeUgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:PD3aaQGo6qeU1+fIyG5jZkCwi8r

Score
10/10
njratdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      ff734425928c8f2b5bf66189fa67cd452a8ede1f867c773fa0f91ad2deb65103.exe

    • Size

      337KB

    • MD5

      90150209cb43f0e4cdc34991b4d22615

    • SHA1

      9b7785e6206d1d55a5e46ea25c0ddd91cc14a7bf

    • SHA256

      ff734425928c8f2b5bf66189fa67cd452a8ede1f867c773fa0f91ad2deb65103

    • SHA512

      a94181068e880f2cc28077298a30feea012cf9cf2cfebfe3650a0856296903720b0e062255dbee4709eff9b8a847b7c2ab06ca849995b868ed2212e13eaa92a5

    • SSDEEP

      3072:PD3UDRaQGo6qeUgYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:PD3aaQGo6qeU1+fIyG5jZkCwi8r

    Score
    10/10
    njratdiscoverypersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks