Overview

overview

10

Static

static

10

d238f91573...0N.exe

windows7-x64

10

d238f91573...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d238f9157331f1b067d632b39bd738c0N.exe

  • Size

    337KB

  • Sample

    240909-wvz74asckp

  • MD5

    d238f9157331f1b067d632b39bd738c0

  • SHA1

    2d967dbae8e5b7694babaa41b574d6a41fd8f971

  • SHA256

    52c917eead7347335ee26e3f7c7f73a4b86e59fd5e30ed838528547407a55c0e

  • SHA512

    8650aeff936f87e882fd4515372b5ae1b076bda3d89e072bf5c7139105dc937a7bb5361a9605774fc6d0a37fbde5bb99e868b2802fcb5f21f9dc3c42edd40b82

  • SSDEEP

    3072:j24OkAZuXY7w9gYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:3CZMY091+fIyG5jZkCwi8r

Score
10/10
njratdiscoverypersistencetrojan

Malware Config

Targets

    • Target

      d238f9157331f1b067d632b39bd738c0N.exe

    • Size

      337KB

    • MD5

      d238f9157331f1b067d632b39bd738c0

    • SHA1

      2d967dbae8e5b7694babaa41b574d6a41fd8f971

    • SHA256

      52c917eead7347335ee26e3f7c7f73a4b86e59fd5e30ed838528547407a55c0e

    • SHA512

      8650aeff936f87e882fd4515372b5ae1b076bda3d89e072bf5c7139105dc937a7bb5361a9605774fc6d0a37fbde5bb99e868b2802fcb5f21f9dc3c42edd40b82

    • SSDEEP

      3072:j24OkAZuXY7w9gYfc0DV+1BIyLK5jZWlfXXqyYwi8x4Yfc09:3CZMY091+fIyG5jZkCwi8r

    Score
    10/10
    njratdiscoverypersistencetrojan

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

      trojannjrat

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks