General
Target: 053bb9bc1549cd2dc4e84b8d53735171ed1e62810cedb71c48210fe1487b8fb5.exe
Size: 42KB
Sample: 240910-bc2yra1clf
MD5: 1d556a333267e4161f3d613ba5304de0
SHA1: bdb291aeeb0a30ae38285e3387f93c04405882ae
SHA256: 053bb9bc1549cd2dc4e84b8d53735171ed1e62810cedb71c48210fe1487b8fb5
SHA512: f3ceec5f5188ac64455b70e0632d886cd51f36498a9dc6f31f0c83235556ce0afa05eb1e1e2a9cb6ec68553dba8dd44d4cbc8914a2d035bb406a00764c1e30bc
SSDEEP: 384:SZeoNeHN0Vyoy77PosfygOE3z5umj2CnKs1jUNNNCP33hYCtVKwJR7AMb1VnCgrq:gXIKgl/wsfXNz2CKuUVupVZbLn2+L
Behavioral task: behavioral1
Sample: 053bb9bc1549cd2dc4e84b8d53735171ed1e62810cedb71c48210fe1487b8fb5.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 053bb9bc1549cd2dc4e84b8d53735171ed1e62810cedb71c48210fe1487b8fb5.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 053bb9bc1549cd2dc4e84b8d53735171ed1e62810cedb71c48210fe1487b8fb5.exe
Score: 10/10
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Drops startup file
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1